Lucene search
+L

316 matches found

CVE
CVE
added 2023/10/04 12:32 p.m.49 views

CVE-2023-4497

CVE-2023-4497 affects Easy Chat Server (version 3.1 and earlier). The vulnerability is a stored XSS in the Icon parameter, reachable via POST to /registresult.htm and loading data from /users.ghp. Descriptions in multiple sources confirm the issue; CVSS v3.1 base score 6.1 (MEDIUM) with network a...

6.1CVSS5.9AI score0.0037EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/04 12:32 p.m.18 views

CVE-2023-4497 Easy Chat Server XSS vulnerability

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /registresult.htm POST method, in the Icon parameter. The XSS is loaded from /users.ghp...

6.1CVSS5.1AI score0.0037EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/10/04 12:32 p.m.33 views

CVE-2023-4496 Easy Chat Server XSS vulnerability

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /body2.ghp POST method, in the mtowho parameter...

6.1CVSS6.1AI score0.0037EPSS
Exploits1References1
CVE
CVE
added 2023/10/04 12:32 p.m.45 views

CVE-2023-4496

CVE-2023-4496 affects Easy Chat Server (version 3.1 and earlier). The vulnerability is a stored Cross-Site Scripting (XSS) in the mtowho parameter of the POST endpoint /body2.ghp, caused by insufficient input encryption. Impact details are limited to XSS risk; no exploit details or active exploit...

6.1CVSS6AI score0.0037EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/04 12:32 p.m.14 views

CVE-2023-4496 Easy Chat Server XSS vulnerability

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /body2.ghp POST method, in the mtowho parameter...

6.1CVSS5.6AI score0.0037EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/10/04 12:29 p.m.36 views

CVE-2023-4495 Easy Chat Server XSS vulnerability

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /registresult.htm POST method, in the Resume parameter. The XSS is loaded from /register.ghp...

6.1CVSS5.9AI score0.0037EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/10/04 12:29 p.m.17 views

CVE-2023-4495 Easy Chat Server XSS vulnerability

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /registresult.htm POST method, in the Resume parameter. The XSS is loaded from /register.ghp...

6.1CVSS5.1AI score0.0037EPSS
Exploits1References1
CVE
CVE
added 2023/10/04 12:29 p.m.46 views

CVE-2023-4495

The CVE-2023-4495 entry documents an XSS vulnerability in Easy Chat Server (version 3.1 and earlier). The issue arises from insufficient sanitization of user-controlled input stored via the POST endpoint /registresult.htm in the Resume parameter, with the XSS payload being loaded from /register.g...

6.1CVSS5.9AI score0.0037EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/10/04 12:27 p.m.38 views

CVE-2023-4494 Easy Chat Server Stack-based buffer overflow vulnerability

Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send an excessively long username string to the register.ghp file asking for the name via a GET request resulting in arbitrary code execution on the remote machine...

9.8CVSS9.9AI score0.009EPSS
Exploits1References1
CVE
CVE
added 2023/10/04 12:27 p.m.44 views

CVE-2023-4494

CVE-2023-4494 concerns Easy Chat Server 3.1. It is described as a stack-based buffer overflow in the handling of a username when accessed via the register.ghp file through a GET request, potentially enabling arbitrary code execution on the remote host. The vulnerability is rated with a high/criti...

9.8CVSS9.8AI score0.009EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/04 12:27 p.m.14 views

CVE-2023-4494 Easy Chat Server Stack-based buffer overflow vulnerability

Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send an excessively long username string to the register.ghp file asking for the name via a GET request resulting in arbitrary code execution on the remote machine...

9.8CVSS8.1AI score0.009EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/10/04 12:0 a.m.6 views

Chat Server Cross-Site Scripting Vulnerability

Chat Server is ramank775 individual developer's chat server based on microservices architecture, supporting high availability, high throughput, horizontal scaling. A cross-site scripting vulnerability exists in Chat Server version 3.1, which stems from a stored cross-site scripting XSS...

6.1CVSS5.6AI score0.0037EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/10/04 12:0 a.m.7 views

Chat Server Buffer Error Vulnerability

Chat Server is ramank775 individual developer's chat server based on microservices architecture that supports high availability, high throughput, and horizontal scaling. A buffer error vulnerability exists in Easy Chat Server version 3.1, which stems from the presence of a buffer overflow...

9.8CVSS8AI score0.009EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/10/04 12:0 a.m.7 views

PT-2023-29320 · Unknown · Easy Chat Server

Name of the Vulnerable Software and Affected Versions: Easy Chat Server versions 3.1 and earlier Description: The issue arises from insufficient encryption of user-controlled inputs, leading to a Cross-Site Scripting XSS vulnerability. This vulnerability is stored via the "POST" method at the...

6.1CVSS5.8AI score0.0037EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/10/04 12:0 a.m.7 views

PT-2023-29322 · Unknown · Easy Chat Server

Name of the Vulnerable Software and Affected Versions: Easy Chat Server versions 3.1 and earlier Description: The issue arises from insufficient encryption of user-controlled inputs, leading to a Cross-Site Scripting XSS vulnerability. This vulnerability is stored via the "/body2.ghp" API endpoin...

6.1CVSS5.9AI score0.0037EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/10/04 12:0 a.m.6 views

PT-2023-29319 · Unknown · Easy Chat Server

Name of the Vulnerable Software and Affected Versions: Easy Chat Server version 3.1 Description: A stack-based buffer overflow issue exists due to an excessively long username string being sent to the "register.ghp" file via a GET request, potentially leading to arbitrary code execution on the...

9.8CVSS9.8AI score0.009EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/10/04 12:0 a.m.5 views

Chat Server Cross-Site Scripting Vulnerability

Chat Server is ramank775 individual developer's chat server based on microservices architecture, supporting high availability, high throughput, horizontal scaling. A cross-site scripting vulnerability exists in Chat Server version 3.1, which stems from a stored cross-site scripting XSS...

6.1CVSS5.6AI score0.0037EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/10/04 12:0 a.m.7 views

Chat Server Cross-Site Scripting Vulnerability

Chat Server is ramank775 individual developer's chat server based on microservices architecture, supporting high availability, high throughput, horizontal scaling. A cross-site scripting vulnerability exists in Chat Server version 3.1, which stems from a stored cross-site scripting XSS...

6.1CVSS5.6AI score0.0037EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/10/04 12:0 a.m.9 views

PT-2023-29324 · Unknown · Easy Chat Server

Name of the Vulnerable Software and Affected Versions: Easy Chat Server versions 3.1 and earlier Description: The issue arises from insufficient encryption of user-controlled inputs, leading to a Cross-Site Scripting XSS vulnerability. This vulnerability is stored via the "/registresult.htm" API...

6.1CVSS5.9AI score0.0037EPSS
Exploits1References4
Openbugbounty
Openbugbounty
added 2023/07/08 3:50 p.m.21 views

chat.server-grenslandradio.nl Cross Site Scripting vulnerability OBB-3491229

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Rows per page
Query Builder