Lucene search
K

316 matches found

NVD
NVD
added 2024/01/18 11:15 p.m.27 views

CVE-2024-0695

A vulnerability, which was classified as problematic, has been found in EFS Easy Chat Server 3.1. Affected by this issue is some unknown functionality of the component HTTP GET Request Handler. The manipulation of the argument USERNAME leads to denial of service. The attack may be launched...

5.3CVSS4.9AI score0.00969EPSS
Exploits1References5
OSV
OSV
added 2024/01/18 11:15 p.m.8 views

CVE-2024-0695

A vulnerability, which was classified as problematic, has been found in EFS Easy Chat Server 3.1. Affected by this issue is some unknown functionality of the component HTTP GET Request Handler. The manipulation of the argument USERNAME leads to denial of service. The attack may be launched...

5.3CVSS5AI score0.00969EPSS
Exploits1References5
Prion
Prion
added 2024/01/18 11:15 p.m.24 views

Design/Logic Flaw

A vulnerability, which was classified as problematic, has been found in EFS Easy Chat Server 3.1. Affected by this issue is some unknown functionality of the component HTTP GET Request Handler. The manipulation of the argument USERNAME leads to denial of service. The attack may be launched...

4CVSS7AI score0.00969EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2024/01/18 10:31 p.m.35 views

CVE-2024-0695

CVE-2024-0695 affects EFS Easy Chat Server 3.1. The vulnerability resides in the HTTP GET Request Handler, where manipulating the USERNAME argument causes a remote denial of service. Exploitation is possible remotely and the exploit has been disclosed publicly. Connected sources consistently desc...

5.3CVSS5.3AI score0.00969EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2024/01/18 10:31 p.m.26 views

CVE-2024-0695 EFS Easy Chat Server HTTP GET Request denial of service

A vulnerability, which was classified as problematic, has been found in EFS Easy Chat Server 3.1. Affected by this issue is some unknown functionality of the component HTTP GET Request Handler. The manipulation of the argument USERNAME leads to denial of service. The attack may be launched...

4.3CVSS5.6AI score0.00969EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/01/18 12:0 a.m.8 views

Efs Software EFS Easy Chat Server Security Vulnerability

Efs Software EFS Easy Chat Server is a suite of online chat server software from the Dutch company Efs Software. A security vulnerability exists in EFS Easy Chat Server version 3.1 due to a denial of service DOS vulnerability in the parameter USERNAME of the component HTTP GET Request Handler...

5.3CVSS6.6AI score0.00969EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/01/18 12:0 a.m.10 views

PT-2024-15756 · Unknown · Efs Easy Chat Server

Name of the Vulnerable Software and Affected Versions: EFS Easy Chat Server version 3.1 Description: A problematic issue has been found in the HTTP GET Request Handler component of the affected software. The manipulation of the USERNAME argument leads to denial of service. This issue can be...

5.3CVSS7.1AI score0.00969EPSS
Exploits1References10
NVD
NVD
added 2023/10/04 1:15 p.m.23 views

CVE-2023-4495

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /registresult.htm POST method, in the Resume parameter. The XSS is loaded from /register.ghp...

6.1CVSS5.8AI score0.0037EPSS
Exploits1References1
NVD
NVD
added 2023/10/04 1:15 p.m.21 views

CVE-2023-4494

Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send an excessively long username string to the register.ghp file asking for the name via a GET request resulting in arbitrary code execution on the remote machine...

9.8CVSS9.8AI score0.009EPSS
Exploits1References1
OSV
OSV
added 2023/10/04 1:15 p.m.3 views

CVE-2023-4497

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /registresult.htm POST method, in the Icon parameter. The XSS is loaded from /users.ghp...

6.1CVSS5.8AI score0.0037EPSS
Exploits1References1
OSV
OSV
added 2023/10/04 1:15 p.m.6 views

CVE-2023-4495

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /registresult.htm POST method, in the Resume parameter. The XSS is loaded from /register.ghp...

6.1CVSS5.8AI score0.0037EPSS
Exploits1References1
NVD
NVD
added 2023/10/04 1:15 p.m.22 views

CVE-2023-4496

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /body2.ghp POST method, in the mtowho parameter...

6.1CVSS6AI score0.0037EPSS
Exploits1References1
NVD
NVD
added 2023/10/04 1:15 p.m.23 views

CVE-2023-4497

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /registresult.htm POST method, in the Icon parameter. The XSS is loaded from /users.ghp...

6.1CVSS5.8AI score0.0037EPSS
Exploits1References1
OSV
OSV
added 2023/10/04 1:15 p.m.4 views

CVE-2023-4496

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /body2.ghp POST method, in the mtowho parameter...

6.1CVSS5.8AI score0.0037EPSS
Exploits1References1
OSV
OSV
added 2023/10/04 1:15 p.m.6 views

CVE-2023-4494

Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send an excessively long username string to the register.ghp file asking for the name via a GET request resulting in arbitrary code execution on the remote machine...

9.8CVSS6.5AI score0.009EPSS
Exploits1References1
Prion
Prion
added 2023/10/04 1:15 p.m.24 views

Stack overflow

Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send an excessively long username string to the register.ghp file asking for the name via a GET request resulting in arbitrary code execution on the remote machine...

7.5CVSS9.7AI score0.009EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2023/10/04 1:15 p.m.21 views

Cross site scripting

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /registresult.htm POST method, in the Resume parameter. The XSS is loaded from /register.ghp...

5.8CVSS5.8AI score0.0037EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2023/10/04 1:15 p.m.23 views

Cross site scripting

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /registresult.htm POST method, in the Icon parameter. The XSS is loaded from /users.ghp...

5.8CVSS5.8AI score0.0037EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2023/10/04 1:15 p.m.20 views

Cross site scripting

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /body2.ghp POST method, in the mtowho parameter...

5.8CVSS5.9AI score0.0037EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/04 12:32 p.m.17 views

CVE-2023-4497 Easy Chat Server XSS vulnerability

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /registresult.htm POST method, in the Icon parameter. The XSS is loaded from /users.ghp...

6.1CVSS5.1AI score0.0037EPSS
Exploits1References1
Rows per page
Query Builder