Sql injection

An SQL Injection vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 via the message parameter in Master.php...

CVE-2021-46428

A Remote Code Execution RCE vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 and previous versions via the botavatar parameter in SystemSettings.php...

CVE-2021-46428

CVE-2021-46428 affects Sourcecodester Simple Chatbot Application 1.0 (and earlier versions). The vulnerability is an RCE exposed via the bot_avatar parameter in SystemSettings.php, enabling remote code execution. The available sources indicate a high-severity impact with network access and no aut...

CVE-2021-46427

The CVE refers to CVE-2021-46427 in Sourcecodester Simple Chatbot Application 1.0, with an SQL Injection vulnerability exploitable via the message parameter in Master.php. The vulnerability is documented across multiple sources (NVD and CNVD family) and is described as affecting input handling on...

CVE-2021-46427

An SQL Injection vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 via the message parameter in Master.php...

Simple Chatbot Application SQL注入漏洞

Simple Chatbot Application is a chatbot application. version 1.0 of Simple Chatbot Application is vulnerable to SQL injection, which can be exploited by attackers via the message parameter in master.php...

Simple Chatbot Application 代码问题漏洞

Simple Chatbot Application is a chatbot application by Carlo Montero Personal Developer. A security vulnerability exists in Simple Chatbot Application 1.0 due to remote code execution in the botavatar parameter in SystemSettings.php...

Simple Chatbot Application 1.0 Shell Upload

Exploit Title: Simple Chatbot Application 1.0 - Remote Code Execution RCE Date: 18/01/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14788/simple-chatbot-application-using-php-source-code.html Version: 1.0 Teste...

Simple Chatbot Application 1.0 - (message) Blind SQL injection Vulnerability

Exploit Title: Simple Chatbot Application 1.0 - 'message' Blind SQLi Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14788/simple-chatbot-application-using-php-source-code.html Version: 1.0 Tested on: XAMPP, Windows 1...

Simple Chatbot Application 1.0 - Remote Code Execution (RCE)

Exploit Title: Simple Chatbot Application 1.0 - Remote Code Execution RCE Date: 18/01/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14788/simple-chatbot-application-using-php-source-code.html Version: 1.0 Teste...

CVE-2021-44164

Chain Sea ai chatbot system’s file upload function has insufficient filtering for special characters in URLs, which allows a remote attacker to by-pass file type validation, upload malicious script and execute arbitrary code without authentication, in order to take control of the system or...

CVE-2021-44164

The CVE-2021-44164 entry concerns Chain Sea AI chatbot system; its file upload function lacks robust filtering for special URL characters, allowing bypass of file type validation and remote code execution without authentication. Impact is system take-over or service termination as described; conn...

CVE-2021-44164 Chain Sea Information Integration Co., Ltd ai chatbot system - Arbitrary File Upload

Chain Sea ai chatbot system’s file upload function has insufficient filtering for special characters in URLs, which allows a remote attacker to by-pass file type validation, upload malicious script and execute arbitrary code without authentication, in order to take control of the system or...

CVE-2021-44163 Chain Sea Information Integration Co., Ltd ai chatbot system - Reflected XSS

Chain Sea ai chatbot backend has improper filtering of special characters in URL parameters, which allows a remote attacker to perform JavaScript injection for XSS reflected Cross-site scripting attack without authentication...

CVE-2021-44163

CVE-2021-44163 affects the Chain Sea AI chatbot backend. The issue arises from improper filtering of special characters in URL parameters, enabling a remote attacker to perform reflected XSS via JavaScript injection without authentication. Public references in the dataset corroborate a URL-parame...

Chain Sea Ai Chatbot System跨站脚本漏洞

Chain Sea Ai Chatbot System is an intelligent human customer service software from Chain Sea, China. Chain Sea Ai Chatbot System is vulnerable to a cross-site scripting vulnerability, which is caused by the product not filtering special characters in URL parameters and can be exploited for JS...

Chain Sea Ai Chatbot System 路径遍历漏洞

Chain Sea Ai Chatbot System is an intelligent customer service software from Chain Sea, a Chinese company. An attacker could download arbitrary system files without authentication...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +168 more potentially affected by CVE-2021-41199 via tensorflow-gpu (>=1.10.1 <=2.4.2)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 - cctv-analysis =0.0.2 - chatbot-nlu =1.0.0 and more Source cves: CVE-2021-41199 Source advisory: OSV:GHSA-5HX2-QX8J-QJQM...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +168 more potentially affected by CVE-2021-41224 via tensorflow-gpu (>=1.10.1 <=2.4.2)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 - cctv-analysis =0.0.2 - chatbot-nlu =1.0.0 and more Source cves: CVE-2021-41224 Source advisory: OSV:GHSA-RG3M-HQC5-344V...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +168 more potentially affected by CVE-2021-41225 via tensorflow-gpu (>=1.10.1 <=2.4.2)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 - cctv-analysis =0.0.2 - chatbot-nlu =1.0.0 and more Source cves: CVE-2021-41225 Source advisory: OSV:GHSA-7R94-XV9V-63JW...