Code-Projects Simple ChatBox 代码注入漏洞

Code-Projects Simple ChatBox is a simple chat box system developed by Code-Projects as open source. Versions of Code-Projects Simple ChatBox 1.0 and earlier contained a code injection vulnerability. This vulnerability stemmed from incorrect handling of the parameter “msg” in the file...

PT-2026-32262

A vulnerability was determined in code-projects Simple ChatBox up to 1.0. This affects an unknown part of the file /chatbox/insert.php of the component Endpoint. Executing a manipulation of the argument msg can lead to sql injection. It is possible to launch the attack remotely. The exploit has...

EUVD-2020-23507

Malware in sbrugna...

EUVD-2025-28872

Malicious code in bioql PyPI...

CVE-2025-9651 shafhasan chatbox chat.php sql injection

A vulnerability was found in shafhasan chatbox up to 156a39cde62f78532c3265a70eda12c70907e56f. This impacts an unknown function of the file /chat.php. The manipulation of the argument userid results in sql injection. The attack may be performed from a remote location. The exploit has been made...

CVE-2020-35852

Chatbox is affected by cross-site scripting XSS. An attacker has to upload any XSS payload with SVG, XML file in Chatbox. There is no restriction on file upload in Chatbox which leads to stored XSS...

CVE-2024-48140

A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica Your AI Copilot powered by ChatGPT4 v6.3.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...

PT-2024-32998

Name of the Vulnerable Software and Affected Versions Blackbox AI version 1.3.95 Description A prompt injection issue in the chatbox allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message. Recommendations For...

PT-2024-33004 · Unknown · Fusion Chat Chat Ai Assistant

Name of the Vulnerable Software and Affected Versions: Fusion Chat Chat AI Assistant Ask Me Anything version 1.2.4.0 Description: A prompt injection issue in the chatbox allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a...

PT-2024-33002 · Butterfly Effect Limited · Monica Chatgpt Ai Assistant

Name of the Vulnerable Software and Affected Versions: Butterfly Effect Limited Monica ChatGPT AI Assistant version 2.4.0 Description: A prompt injection issue in the chatbox allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via ...