97 matches found
WordPress plugin AVChat Video Chat 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
WordPress Community Lite Video Chat plugin <= 2.2 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin AVChat Video Chat versions = 2.2...
WordPress AVChat Video Chat Plugin <= 2.2 is vulnerable to Cross Site Request Forgery (CSRF)
Software AVChat Video Chat Type Plugin Vulnerable versions = 2.2 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-49605 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 380cfa224ffa Credits SOPROBRO Required...
CVE-2024-7869
The 123.chat - Video Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that wi...
CVE-2024-7869
CVE-2024-7869: Stored XSS in the WordPress 123.chat - Video Chat plugin (versions up to and including 1.3.1). Root cause: insufficient input sanitization and output escaping. Impact: unauthenticated attackers can inject scripts on pages and trigger them for users. CVSS v3.1 base score 7.2 (HIGH)....
WordPress plugin 123.chat - Video Chat 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...
123.chat - Video Chat <= 1.3.1 - Unauthenticated Stored Cross-Site Scripting
Description The 123.chat - Video Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...
Video Chat Website Omegle Permanently Shuts Down
By Waqas Omegle was founded on March 25, 2009. This is a post from HackRead.com Read the original post: Video Chat Website Omegle Permanently Shuts Down...
SUSE CVE-2011-4602
The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not properly handle missing fields in 1 voice-chat and 2 video-chat stanzas, which allows remote attackers to cause a denial of service application crash via a crafted message...
PT-2022-27252 · Rocket.Chat · Rocket.Chat-Desktop
Name of the Vulnerable Software and Affected Versions: Rocket.Chat-Desktop versions prior to 3.8.14 Description: A command injection issue exists that could allow an attacker to pass a malicious URL to shell.openExternal, potentially leading to remote code execution. This is because the...
Google Details Patched Bugs in Signal, FB Messenger, JioChat Apps
In January 2019, a critical flaw was reported in Apple's FaceTime group chats feature that made it possible for users to initiate a FaceTime video call and eavesdrop on targets by adding their own number as a third person in a group chat even before the person on the other end accepted the incomi...
recursos.videochatprovider.com Cross Site Scripting vulnerability OBB-1347050
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Luckycrush video chat full unlimited Exploit
LuckyCrush is a video chat site that randomly connects men with women and women with men. with this program you can bypass Luckycrush video chat minutes limitation. proof video: https://0day.today/videos/34240.mp4 Usage Info run application and enjoy free unlimited video chat : This is private...
Will Social Distancing Break the Internet?
First off, no -- the Internet is not going to break! That said, the news media is awash with stories and statistics about how the Internet is faring with the increase in traffic due to isolation protocols forcing daily functions online. Which functions? In my house, we have remote work, e-learnin...
Hardcoded credentials
Live.me - live stream video chat, 3.7.20, 2017-11-06, Android application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access this key...
WhatsApp Group Video Call and Instagram Video Chat Are Coming Soon
Facebook announced a whole lot of new features at its 2018 Facebook F8 developers conference, including Dating on Facebook, letting users clear their web browsing history, real-time language translation within Messenger, and many more. Besides announcing exciting features for its social media...
WhatsApp Group Video Call and Instagram Video Chat Are Coming Soon
Facebook announced a whole lot of new features at its 2018 Facebook F8 developers conference, including Dating on Facebook, letting users clear their web browsing history, real-time language translation within Messenger, and many more. Besides announcing exciting features for its social media...
Chatruletka – Video Chat - Customized SSL, Redefined SSL Common Names verifier vulnerabilities
HackApp vulnerability scanner discovered that application Chatruletka – Video Chat published at the 'play' market has multiple vulnerabilities...
HOLLA - random video chat - Customized SSL, Exported ContentProvider, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application HOLLA - random video chat published at the 'play' market has multiple vulnerabilities...
Live.me - #1 video chat app - AWS Credentials, Base64 encoded String, Customized SSL vulnerabilities
HackApp vulnerability scanner discovered that application Live.me - 1 video chat app published at the 'play' market has multiple vulnerabilities...