Lucene search
K

158 matches found

CVE
CVE
added 2025/02/21 12:0 a.m.590 views

CVE-2025-25875

Affected software: ITSourcecode Simple ChatBox (up to v1.0). Vulnerable component: /message.php. Root cause: SQL injection in the file as stated. Impact: Confidentiality and integrity are marked HIGH; availability LOW. Attack vector: Network; required privileges: HIGH; user interaction required. ...

6.4CVSS7.3AI score0.00348EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2025/02/21 12:0 a.m.73 views

CVE-2025-25878

The CVE-2025-25878 entry concerns ITSourcecode Simple ChatBox (up to version 1.0). The vulnerability is tied to the /del.php file, where SQL injection may allow an attacker to obtain sensitive data. The publicly documented impact is limited to data disclosure with a CVSSv3.1 base score of 3.8 (LO...

3.8CVSS7.3AI score0.00263EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/02/21 12:0 a.m.36 views

CVE-2025-25878

A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /del.php. The attack can use SQL injection to obtain sensitive data...

0.00263EPSS
Exploits1References1
CVE
CVE
added 2025/02/21 12:0 a.m.79 views

CVE-2025-25877

The CVE-2025-25877 entry concerns ITSourcecode Simple ChatBox (versions up to 1.0). The vulnerability affects unknown code in the /admin.php file and enables SQL injection to obtain sensitive data . Reported impact indicates potential data exposure with a low base score (CVSS 3.1: 3.8, LOW) and i...

3.8CVSS7.3AI score0.00263EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2025/02/21 12:0 a.m.6 views

itsourcecode Simple ChatBox 安全漏洞

itsourcecode Simple ChatBox is an open source management system for itsourcecode. A security vulnerability exists in itsourcecode Simple ChatBox version 1.0 and earlier versions. An attacker exploiting the vulnerability can obtain sensitive data...

6.4CVSS6.6AI score0.00348EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/02/21 12:0 a.m.36 views

CVE-2025-25876

A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /delete.php. The attack can use SQL injection to obtain sensitive data...

0.00438EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/02/21 12:0 a.m.12 views

CVE-2025-25875

A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /message.php. The attack can use SQL injection to obtain sensitive data...

6.8AI score0.00348EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/02/21 12:0 a.m.9 views

CVE-2025-25876

A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /delete.php. The attack can use SQL injection to obtain sensitive data...

7.3AI score0.00438EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/02/21 12:0 a.m.5 views

PT-2025-7579 · Itsourcecode · Itsourcecode Simple Chatbox

Name of the Vulnerable Software and Affected Versions: ITSourcecode Simple ChatBox versions up to 1.0 Description: A vulnerability was found in ITSourcecode Simple ChatBox, affecting unknown code of the file /delete.php. The attack can use SQL injection to obtain sensitive data. Recommendations:...

7.2CVSS7.9AI score0.00438EPSS
Exploits1References7
CVE
CVE
added 2025/02/21 12:0 a.m.76 views

CVE-2025-25876

ITSourcecode Simple ChatBox (≤1.0) is affected by a SQL injection in the /delete.php file. Root cause: improper handling of SQL queries in that file enabling data exfiltration. Impact per cited sources: confidentiality, integrity, and availability are HIGH (CVSS 3.1: 7.2). Mitigation mentioned in...

7.2CVSS7.3AI score0.00438EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2024/10/24 7:15 p.m.17 views

CVE-2024-48141

A prompt injection vulnerability in the chatbox of Zhipu AI CodeGeeX v2.17.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...

7.5CVSS0.00422EPSS
Exploits0References2
NVD
NVD
added 2024/10/24 7:15 p.m.25 views

CVE-2024-48139

A prompt injection vulnerability in the chatbox of Blackbox AI v1.3.95 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...

7.5CVSS0.00477EPSS
Exploits0References2
NVD
NVD
added 2024/10/24 7:15 p.m.22 views

CVE-2024-48140

A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica Your AI Copilot powered by ChatGPT4 v6.3.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...

7.5CVSS0.00413EPSS
Exploits0References2
NVD
NVD
added 2024/10/24 7:15 p.m.12 views

CVE-2024-48144

A prompt injection vulnerability in the chatbox of Fusion Chat Chat AI Assistant Ask Me Anything v1.2.4.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...

9.1CVSS0.0054EPSS
Exploits0References2
NVD
NVD
added 2024/10/24 7:15 p.m.22 views

CVE-2024-48142

A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica ChatGPT AI Assistant v2.4.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...

7.5CVSS0.00417EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/24 12:0 a.m.25 views

CVE-2024-48139

A prompt injection vulnerability in the chatbox of Blackbox AI v1.3.95 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...

0.00477EPSS
Exploits0References2
CVE
CVE
added 2024/10/24 12:0 a.m.56 views

CVE-2024-48142

CVE-2024-48142 describes a prompt-injection vulnerability in Butterfly Effect Limited’s Monica ChatGPT AI Assistant v2.4.0. The flaw exists in the chatbox and enables a crafted message to access and exfiltrate all previous and subsequent chat data between the user and the AI. The issue affects co...

7.5CVSS7.1AI score0.00417EPSS
Exploits0References2
CVE
CVE
added 2024/10/24 12:0 a.m.72 views

CVE-2024-48140

CVE-2024-48140 is described across multiple sources (NVD, Red Hat, CNNVD, CVE lists) as a prompt-injection vulnerability in the chatbox of Butterfly Effect Limited’s Monica Your AI Copilot powered by ChatGPT4 v6.3.0. The concrete detail available is that the affected software is Monica Your AI Co...

7.5CVSS7.1AI score0.00413EPSS
Exploits0References2
CVE
CVE
added 2024/10/24 12:0 a.m.54 views

CVE-2024-48144

Fusion Chat Chat AI Assistant Ask Me Anything v1.2.4.0 is affected by a prompt injection vulnerability in its chatbox that allows a crafted message to access and exfiltrate all previous and subsequent chat data between the user and the AI. The CVE entry (CVE-2024-48144) is rated CRITICAL (CVSSv3....

9.1CVSS7.1AI score0.0054EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/24 12:0 a.m.3 views

PT-2024-32998

Name of the Vulnerable Software and Affected Versions Blackbox AI version 1.3.95 Description A prompt injection issue in the chatbox allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message. Recommendations For...

7.5CVSS5.8AI score0.00477EPSS
Exploits0References5
Rows per page
Query Builder