240 matches found
CVE-2023-3004
A vulnerability, which was classified as critical, has been found in SourceCodester Simple Chat System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=readmsg of the component POST Parameter Handler. The manipulation of the argument convoid leads to sql...
Sql injection
A vulnerability, which was classified as critical, has been found in SourceCodester Simple Chat System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=readmsg of the component POST Parameter Handler. The manipulation of the argument convoid leads to sql...
CVE-2023-3004 SourceCodester Simple Chat System POST Parameter sql injection
A vulnerability, which was classified as critical, has been found in SourceCodester Simple Chat System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=readmsg of the component POST Parameter Handler. The manipulation of the argument convoid leads to sql...
CVE-2023-3004
CVE-2023-3004 affects SourceCodester Simple Chat System 1.0, where SQL injection can be triggered in the POST Parameter Handler via /ajax.php?action=read_msg by manipulating convo_id/convo id. The vulnerability is exploitable remotely and has been disclosed publicly. Public sources report a Criti...
PT-2023-22516 · Sourcecodester · Sourcecodester Simple Chat System
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Chat System version 1.0 Description: A critical issue has been found in the file /ajax.php?action=read msg of the component POST Parameter Handler. The manipulation of the convo id argument leads to sql injection. The...
Simple Chat System SQL注入漏洞
Simple Chat System is a simple chat system by nurhodelta17 individual developer. A SQL injection vulnerability exists in Simple Chat System version 1.0, which stems from an incorrect manipulation of the parameter convoid that can lead to sql injection...
Cross site scripting
LogicalDOC Enterprise is vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the in-app chat system...
Open-xchange OX App Suite Cross-Site Scripting Vulnerability (CNVD-2021-90760)
Open-xchange OX App Suite is a web-based cloud desktop environment from Open-Xchange Open-xchange, a US-based company. The environment allows users to more intuitively manage email, tasks, files, etc. A cross-site scripting vulnerability exists in Open-xchange OX App Suite, which can be exploited...
CVE-2021-33495
OX App Suite 7.10.5 allows XSS via an OX Chat system message...
CVE-2021-33495
OX App Suite 7.10.5 allows XSS via an OX Chat system message...
online Chatting System 1.0 - (id) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: online Chatting System 1.0 - 'id' SQL Injection Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/14224/online-chatting-system-using-phpmysql.html Software Link:...
Simple Chat System 1.0 - 'id' SQL Injection
Exploit Title: Simple Chat System 1.0 - 'id' SQL Injection Dork: N/A Date: 2018-10-24 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/php/11610/simple-chat-system.html Software Link: https://sourceforge.net/projects/simple-chat-system/files/latest/download Version: 1....
A week in security (April 02 – April 08)
Last week, we took a look at fake Whatsapp antics, dubious gaming extensions, and a huge Panera bread breach. There was also LockCrypt ransomware to contend with, we had a poke around Linkedin, and we published another Physician, protect thyself blog. Other news Compromised cash register systems...
Melange Chat System 2.0.2 Beta 2 /yell Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4508/info Melange Chat System is a chat server program developed by Christian Walter. Currently support for this application is no longer available. Due to inadequate bounds checking in Melange, it is possible for users t...
CVE-2002-1351
The vulnerability CVE-2002-1351 affects Melange Chat System 1.10. A buffer overflow in the chat_InterpretData function, triggered by a long Nick (nickname) in an msgText buffer, allows remote attackers to cause a denial of service (chat server crash) and potentially execute arbitrary code. This i...
CVE-2002-1351
Buffer overflow in Melange Chat System 1.10 allows remote attackers to cause a denial of service chat server crash and possibly execute arbitrary code via the msgText buffer in the chatInterpretData function, as demonstrated via a long Nick nickname request...
yak212.txt
Luigi Auriemma Application: Yak! http://www.digicraft.com.au/yak/ Versions: = 2.1.2 Platforms: Windows Bug: directory traversal upload Exploitation: remote Date: 15 October 2004 Author: Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org 1 Introduction 2 Bug 3 The Code ...
CVE-2002-1351
Buffer overflow in Melange Chat System 1.10 allows remote attackers to cause a denial of service chat server crash and possibly execute arbitrary code via the msgText buffer in the chatInterpretData function, as demonstrated via a long Nick nickname request...
Melange Chat System 2.0.2 Beta 2 - yell Remote Buffer Overflow
Melange Chat System 2.0.2 Beta 2 - yell Remote Buffer Overflow source: https://www.securityfocus.com/bid/4508/info Melange Chat System is a chat server program developed by Christian Walter. Currently support for this application is no longer available. Due to inadequate bounds checking in Melang...
Melange Chat System 2.0.2 Beta 2 - '/yell' Remote Buffer Overflow
source: https://www.securityfocus.com/bid/4508/info Melange Chat System is a chat server program developed by Christian Walter. Currently support for this application is no longer available. Due to inadequate bounds checking in Melange, it is possible for users to initiate a buffer overflow...