CVE-2024-29090 WordPress AI Engine plugin <= 2.1.4 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.1.4...

CVE-2024-29100 WordPress AI Engine plugin <= 2.1.4 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.1.4...

PT-2024-22720 · Unknown · Jordy Meow Ai Engine: Chatgpt Chatbot

Name of the Vulnerable Software and Affected Versions: Jordy Meow AI Engine: ChatGPT Chatbot versions n/a through 2.1.4 Description: The issue is related to an Unrestricted Upload of File with Dangerous Type, which affects the AI Engine: ChatGPT Chatbot. No information is provided about the...

PT-2024-22710 · Unknown · Jordy Meow Ai Engine: Chatgpt Chatbot

Name of the Vulnerable Software and Affected Versions: Jordy Meow AI Engine: ChatGPT Chatbot versions n/a through 2.1.4 Description: The issue is a Server-Side Request Forgery SSRF vulnerability. It affects the AI Engine: ChatGPT Chatbot. There is no information provided about the estimated numbe...

WordPress AI Engine: ChatGPT Chatbot Plugin <= 2.1.4 is vulnerable to Server Side Request Forgery (SSRF)

Software AI Engine: ChatGPT Chatbot Type Plugin Vulnerable versions = 2.1.4 Fixed in 2.1.5 OWASP Top 10 A1: Broken Access Control Classification Server Side Request Forgery SSRF CVE CVE-2024-29090 Patch priority Low CVSS severity Low 6.8 Developer Claim ownership PSID 89edf8001a9b Credits Rafie...

CVE-2024-27963 WordPress Crisp – Live Chat and Chatbot plugin <= 0.44 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crisp allows Stored XSS.This issue affects Crisp: from n/a through 0.44...

CVE-2024-27963 WordPress Crisp – Live Chat and Chatbot plugin <= 0.44 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crisp allows Stored XSS.This issue affects Crisp: from n/a through 0.44...

CVE-2024-26454

A Cross Site Scripting vulnerability in Healthcare-Chatbot through 9b7058a can occur via a crafted payload to the email1 or pwd1 parameter in login.php...

Healthcare-Chatbot Security Vulnerability

Healthcare-Chatbot is a healthcare chatbot by Om Rajpurkar Personal Developer. A security vulnerability exists in Healthcare-Chatbot version 9b7058a and prior versions. An attacker could exploit this vulnerability to perform cross-site scripting attacks...

CVE-2024-26454

A Cross Site Scripting vulnerability in Healthcare-Chatbot through 9b7058a can occur via a crafted payload to the email1 or pwd1 parameter in login.php...

CVE-2024-26454

CVE-2024-26454 affects Healthcare-Chatbot (version up to 9b7058a). A Cross Site Scripting flaw allows an attacker to inject a crafted payload via the email1 or pwd1 parameter in login.php, enabling client-side script execution. The NVD entry lists CVSS-3.1 base score 5.4 (AV:N/AC:L/PR:L/UI:R/S:C/...

CVE-2024-26454

A Cross Site Scripting vulnerability in Healthcare-Chatbot through 9b7058a can occur via a crafted payload to the email1 or pwd1 parameter in login.php...

CVE-2024-28816

Student Information Chatbot a0196ab allows SQL injection via the username to the login function in index.php...

Student Information Chatbot SQL Injection Vulnerability

Student Information Chatbot is a cloud-based student information chatbot system by the individual developer Aarav Raj Singh. A SQL injection vulnerability exists in Student Information Chatbot version a0196ab, which originates from allowing SQL to be injected into the login function in index.php...

CVE-2024-28816

The CVE identifies a SQL injection in the Student Information Chatbot a0196ab, exposed via the login username parameter in index.php. The underlying flaw is unsanitized user input passed to a SQL query in the login function, enabling potential unauthorized access or data exposure. Exploitation st...

CVE-2024-28816

Student Information Chatbot a0196ab allows SQL injection via the username to the login function in index.php...

WordPress AI Engine: ChatGPT Chatbot Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)

Software AI Engine: ChatGPT Chatbot Type Plugin Vulnerable versions = 2.2.0 Fixed in 2.2.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0378 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c9bd74cd8e71 Credits...

AnythingLLM Access Control Error Vulnerability

AnythingLLM is a document chatbot that meets business requirements. AnythingLLM is vulnerable to an access control error vulnerability that stems from the presence of an access control error vulnerability...

Number withdrawn

Chat LangChain is a locally hosted chatbot implementation dedicated to answering questions via LangChain documents. This CVE number has been withdrawn...

A Pornhub Chatbot Stopped Millions From Searching for Child Abuse Videos

Every time someone in the UK searched for child abuse material on Pornhub, a chatbot appeared and told them how to get help...