PT-2025-7581 · Itsourcecode · Itsourcecode Simple Chatbox

Name of the Vulnerable Software and Affected Versions: ITSourcecode Simple ChatBox versions up to 1.0 Description: A vulnerability was found in ITSourcecode Simple ChatBox, affecting unknown code of the file /del.php. The attack can use SQL injection to obtain sensitive data. Recommendations: For...

Cross site scripting

Chatbox is affected by cross-site scripting XSS. An attacker has to upload any XSS payload with SVG, XML file in Chatbox. There is no restriction on file upload in Chatbox which leads to stored XSS...