12 matches found
EUVD-2022-47882
Malicious code in bioql PyPI...
CVE-2022-44955
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the Chat function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field...
CVE-2025-2334
A vulnerability classified as problematic has been found in 274056675 springboot-openai-chatgpt e84f6f5. This affects the function deleteChat of the file /api/mjkj-chat/chat/ai/delete/chat of the component Chat History Handler. The manipulation of the argument chatListId leads to improper access...
Cross site scripting
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the Chat function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field...
CVE-2022-44955
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the Chat function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field...
CVE-2022-44955
CVE-2022-44955 affects webtareas version 2.4p5, where a cross-site scripting (XSS) vulnerability exists in the Chat function. The vulnerability allows an attacker to inject a crafted payload into the Messages field to execute arbitrary web scripts or HTML. Documented impact is limited to the abil...
MapTool 1.11.5 Denial Of Service
Document Title: MapTool v1.11.5 - Denial of Service Vulnerability. References (Source): https://www.vulnerability-lab.com/getcontent.php?id=2318. Release Date: 2022-10-10. Vulnerability Laboratory ID (VL-ID): 2318...
MapTool v1.11.5 - Denial of Service Vulnerability
Document Title: MapTool v1.11.5 - Denial of Service Vulnerability. References (Source): https://www.vulnerability-lab.com/getcontent.php?id=2318. Release Date: 2022-10-09. Vulnerability Laboratory ID (VL-ID): 2318...
Send message in chat function with any username
Description: In the chat function, the username is not validated. We can change the username to any value we want, one which does not match the logged-in user. Exploitation steps: 1. Log in with Phil1 account (Patient account). 2. Send message via Burpsuite proxy. 3. Modify username to any value you want (I use "n00b"). 4. ...
Denial Of Service (DoS)
pocketmine/pocketmine-mp is vulnerable to denial of service. The vulnerability exists in the chat function of Player.php due to the lack of message length checks, allowing an attacker to crash the application by providing large messages with many newlines...
SAP NetWeaver Java AS RTC Service Information Disclosure Vulnerability
SAP NetWeaver is SAP's integrated technology platform and the technology foundation for all SAP applications since SAP Business Suite. A security vulnerability exists in the chat function of the RTC service in SAP NetWeaver Java AS version 7.4, which can be exploited by remote attackers to obtain...
AIDeX Mini-Webserver 1.4 Cross Site Scripting
Exploit Title: AIDeX Mini-Webserver 1.4 integrated Chat Javascript Injection Vulnerability Autor: wingthor Author-Email:[email protected] Author-Website german:http://www.wingthor.de Date: 30.12.10 Tool: AIDeX Mini-Webserver Version: 1.4...