20 matches found
EUVD-2018-13078
Malware in sbrugna...
EUVD-2005-0523
Malware in sbrugna...
EUVD-2004-1796
Malware in sbrugna...
Chat Anywhere extension for Chrome cross-site scripting vulnerability
Chat Anywhere extension for Chrome is an online chat plugin for use in Google Chrome. A cross-site scripting vulnerability exists in the Chat Anywhere extension for Chrome version 2.4.0, which stems from the danmuWrapper DIV element in the chatbox-only\danmu.js file being out of the scope of the...
CVE-2018-20524
The Chat Anywhere extension 2.4.0 for Chrome allows XSS via crafted use of in a message, because a danmuWrapper DIV element in chatbox-only\danmu.js is outside the scope of a Content Security Policy CSP...
Code injection
The Chat Anywhere extension 2.4.0 for Chrome allows XSS via crafted use of in a message, because a danmuWrapper DIV element in chatbox-only\danmu.js is outside the scope of a Content Security Policy CSP...
CVE-2018-20524
Affected software: Chat Anywhere extension for Chrome, version 2.4.0. Vulnerability details: A cross-site scripting (XSS) flaw exists because the danmuWrapper DIV in chatbox-only\danmu.js lies outside the scope of the extension’s Content Security Policy (CSP). This can be exploited via crafted me...
Chat Anywhere 2.72a Local Password Disclosure Exploit
No description provided by source. / Chat Anywhere 2.72a Local Exploit by Kozan Application: Chat Anywhere 2.72a Vendor:LionMax Software http://www.lionmax.com/ Vulnerable Description: Chat Anywhere 2.72a discloses passwords to local users. Discovered & Coded by: Kozan Credits to ATmaCA Web :...
CVE-2004-2724
The CVE-2004-2724 entry affects LionMax Software Chat Anywhere 2.72a. A crafted username beginning with a percent sign followed by a null character can trigger a denial of service, causing the server to crash and the client to exhibit high CPU usage. The connected documents confirm this vulnerabi...
CVE-2004-2724
LionMax Software Chat Anywhere 2.72a allows remote attackers to cause a denial of service server crash and client CPU consumption via a username beginning with percent % followed by a null character...
CVE-2004-1802
CVE-2004-1802 affects Chat Anywhere 2.72 and earlier. A remote attacker can hide their true IP address by sending %00 before the nickname, causing the IP to be displayed as $IP$ on the administration web page. This detail is supported by CVE records (CVE-2004-1802) and related databases. No addit...
CVE-2004-1802
Chat Anywhere 2.72 and earlier allows remote attackers to hide their IP address by using %00 before the nickname, which causes the IP address to be displayed as $IP$ on the administration web page...
CVE-2005-0522
Chat Anywhere 2.72a stores sensitive information such as passwords in plaintext in the .INI file for a chatroom, which allows local users to gain privileges...
[SA14385] Chat Anywhere User Credentials Disclosure
TITLE: Chat Anywhere User Credentials Disclosure SECUNIA ADVISORY ID: SA14385 VERIFY ADVISORY: http://secunia.com/advisories/14385/ CRITICAL: Less critical IMPACT: Exposure of sensitive information WHERE: Local system SOFTWARE: Chat Anywhere 2.x http://secunia.com/product/3163/ DESCRIPTION: Kozan...
CVE-2005-0522
CVE-2005-0522 affects Chat Anywhere 2.72a, where passwords are stored in plaintext in the chatroom’s INI file. This enables local users to gain privileges due to insecure credential storage (local privilege escalation). The available sources describe the root cause as plaintext storage, with no d...
CVE-2005-0522
Chat Anywhere 2.72a stores sensitive information such as passwords in plaintext in the .INI file for a chatroom, which allows local users to gain privileges...
Chat Anywhere 2.72a Local Password Disclosure Exploit
Exploit for unknown platform in category local exploits ===================================================== Chat Anywhere 2.72a Local Password Disclosure Exploit ===================================================== / Chat Anywhere 2.72a Local Exploit by Kozan Application: Chat Anywhere 2.72a...
Chat Anywhere 2.72a - Local Password Disclosure
Chat Anywhere 2.72a - Local Password Disclosure / Chat Anywhere 2.72a Local Exploit by Kozan Application: Chat Anywhere 2.72a Vendor:LionMax Software http://www.lionmax.com/ Vulnerable Description: Chat Anywhere 2.72a discloses passwords to local users. Discovered & Coded by: Kozan Credits to...
Chat Anywhere 2.72a - Local Password Disclosure
/ Chat Anywhere 2.72a Local Exploit by Kozan Application: Chat Anywhere 2.72a Vendor:LionMax Software http://www.lionmax.com/ Vulnerable Description: Chat Anywhere 2.72a discloses passwords to local users. Discovered & Coded by: Kozan Credits to ATmaCA Web : www.netmagister.com Web2:...
CVE-2004-1802
Chat Anywhere 2.72 and earlier allows remote attackers to hide their IP address by using %00 before the nickname, which causes the IP address to be displayed as $IP$ on the administration web page...