240 matches found
CVE-2026-7103
A vulnerability was determined in code-projects Chat System 1.0. Affected is an unknown function of the file updateuser.php of the component MD5 Hash Handler. This manipulation of the argument Password causes use of weak hash. The attack is possible to be carried out remotely. The attack's...
CVE-2026-8420 BLOGCHAT Chat System <= 1.3.6.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting via Settings Update
The BLOGCHAT Chat System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.6.3. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious...
WordPress plugin BLOGCHAT Chat System 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress BLOGCHAT Chat System plugin <= 1.3.6.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin BLOGCHAT Chat System versions = 1.3.6.3...
CVE-2026-8125
A vulnerability was detected in code-projects Simple Chat System 1.0. This vulnerability affects unknown code of the file sendMessage.php. The manipulation of the argument type/length/business parameter validity results in sql injection. The attack may be launched remotely. The exploit is now...
CVE-2026-8125
A vulnerability was detected in code-projects Simple Chat System 1.0. This vulnerability affects unknown code of the file sendMessage.php. The manipulation of the argument type/length/business parameter validity results in sql injection. The attack may be launched remotely. The exploit is now...
CVE-2026-8125 code-projects Simple Chat System sendMessage.php sql injection
A vulnerability was detected in code-projects Simple Chat System 1.0. This vulnerability affects unknown code of the file sendMessage.php. The manipulation of the argument type/length/business parameter validity results in sql injection. The attack may be launched remotely. The exploit is now...
CVE-2026-8125
The affected software is code-projects Simple Chat System 1.0. Vulnerable component: sendMessage.php. Root cause: improper validation of argument type/length/business parameter validity leading to SQL injection. Attack could be launched remotely and the exploit is publicly available. CVSS metrics...
CVE-2026-8125 code-projects Simple Chat System sendMessage.php sql injection
A vulnerability was detected in code-projects Simple Chat System 1.0. This vulnerability affects unknown code of the file sendMessage.php. The manipulation of the argument type/length/business parameter validity results in sql injection. The attack may be launched remotely. The exploit is now...
CVE-2026-8125
A vulnerability was detected in code-projects Simple Chat System 1.0. This vulnerability affects unknown code of the file sendMessage.php. The manipulation of the argument type/length/business parameter validity results in sql injection. The attack may be launched remotely. The exploit is now...
PT-2026-38629
Name of the Vulnerable Software and Affected Versions Simple Chat System version 1.0 Description An issue exists in the 'sendMessage.php' file where improper manipulation of argument type, length, or business parameter validity allows for SQL injection. This flaw can be exploited remotely...
CVE-2026-7103
A vulnerability was determined in code-projects Chat System 1.0. Affected is an unknown function of the file updateuser.php of the component MD5 Hash Handler. This manipulation of the argument Password causes use of weak hash. The attack is possible to be carried out remotely. The attack's...
CVE-2026-7103 code-projects Chat System MD5 Hash update_user.php weak hash
A vulnerability was determined in code-projects Chat System 1.0. Affected is an unknown function of the file updateuser.php of the component MD5 Hash Handler. This manipulation of the argument Password causes use of weak hash. The attack is possible to be carried out remotely. The attack's...
EUVD-2026-25803
A vulnerability was determined in code-projects Chat System 1.0. Affected is an unknown function of the file updateuser.php of the component MD5 Hash Handler. This manipulation of the argument Password causes use of weak hash. The attack is possible to be carried out remotely. The attack's...
CVE-2026-7103
Code-projects Chat System 1.0 is affected by CVE-2026-7103. The flaw is in the MD5 Hash Handler, specifically the update_user.php file, where manipulating the Password argument can cause the system to use a weak hash. It is described as remotely exploitable with high attack complexity and difficu...
CVE-2026-7090
A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/sendmessage.php of the component Chat Interface. The manipulation of the argument msg results in cross site scripting. The attack may be launched remotely. The exploit is now public...
EUVD-2026-25774
A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/sendmessage.php of the component Chat Interface. The manipulation of the argument msg results in cross site scripting. The attack may be launched remotely. The exploit is now public...
CVE-2026-7090
A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/sendmessage.php of the component Chat Interface. The manipulation of the argument msg results in cross site scripting. The attack may be launched remotely. The exploit is now public...
PT-2026-35356
A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/send message.php of the component Chat Interface. The manipulation of the argument msg results in cross site scripting. The attack may be launched remotely. The exploit is now public...
PT-2026-35379
A vulnerability was determined in code-projects Chat System 1.0. Affected is an unknown function of the file update user.php of the component MD5 Hash Handler. This manipulation of the argument Password causes use of weak hash. The attack is possible to be carried out remotely. The attack's...