158 matches found
CVE-2025-25875
Affected software: ITSourcecode Simple ChatBox (up to v1.0). Vulnerable component: /message.php. Root cause: SQL injection in the file as stated. Impact: Confidentiality and integrity are marked HIGH; availability LOW. Attack vector: Network; required privileges: HIGH; user interaction required. ...
CVE-2025-25878
The CVE-2025-25878 entry concerns ITSourcecode Simple ChatBox (up to version 1.0). The vulnerability is tied to the /del.php file, where SQL injection may allow an attacker to obtain sensitive data. The publicly documented impact is limited to data disclosure with a CVSSv3.1 base score of 3.8 (LO...
CVE-2025-25878
A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /del.php. The attack can use SQL injection to obtain sensitive data...
CVE-2025-25877
The CVE-2025-25877 entry concerns ITSourcecode Simple ChatBox (versions up to 1.0). The vulnerability affects unknown code in the /admin.php file and enables SQL injection to obtain sensitive data . Reported impact indicates potential data exposure with a low base score (CVSS 3.1: 3.8, LOW) and i...
itsourcecode Simple ChatBox 安全漏洞
itsourcecode Simple ChatBox is an open source management system for itsourcecode. A security vulnerability exists in itsourcecode Simple ChatBox version 1.0 and earlier versions. An attacker exploiting the vulnerability can obtain sensitive data...
CVE-2025-25876
A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /delete.php. The attack can use SQL injection to obtain sensitive data...
CVE-2025-25875
A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /message.php. The attack can use SQL injection to obtain sensitive data...
CVE-2025-25876
A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /delete.php. The attack can use SQL injection to obtain sensitive data...
PT-2025-7579 · Itsourcecode · Itsourcecode Simple Chatbox
Name of the Vulnerable Software and Affected Versions: ITSourcecode Simple ChatBox versions up to 1.0 Description: A vulnerability was found in ITSourcecode Simple ChatBox, affecting unknown code of the file /delete.php. The attack can use SQL injection to obtain sensitive data. Recommendations:...
CVE-2025-25876
ITSourcecode Simple ChatBox (≤1.0) is affected by a SQL injection in the /delete.php file. Root cause: improper handling of SQL queries in that file enabling data exfiltration. Impact per cited sources: confidentiality, integrity, and availability are HIGH (CVSS 3.1: 7.2). Mitigation mentioned in...
CVE-2024-48141
A prompt injection vulnerability in the chatbox of Zhipu AI CodeGeeX v2.17.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...
CVE-2024-48139
A prompt injection vulnerability in the chatbox of Blackbox AI v1.3.95 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...
CVE-2024-48140
A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica Your AI Copilot powered by ChatGPT4 v6.3.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...
CVE-2024-48144
A prompt injection vulnerability in the chatbox of Fusion Chat Chat AI Assistant Ask Me Anything v1.2.4.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...
CVE-2024-48142
A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica ChatGPT AI Assistant v2.4.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...
CVE-2024-48139
A prompt injection vulnerability in the chatbox of Blackbox AI v1.3.95 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...
CVE-2024-48142
CVE-2024-48142 describes a prompt-injection vulnerability in Butterfly Effect Limited’s Monica ChatGPT AI Assistant v2.4.0. The flaw exists in the chatbox and enables a crafted message to access and exfiltrate all previous and subsequent chat data between the user and the AI. The issue affects co...
CVE-2024-48140
CVE-2024-48140 is described across multiple sources (NVD, Red Hat, CNNVD, CVE lists) as a prompt-injection vulnerability in the chatbox of Butterfly Effect Limited’s Monica Your AI Copilot powered by ChatGPT4 v6.3.0. The concrete detail available is that the affected software is Monica Your AI Co...
CVE-2024-48144
Fusion Chat Chat AI Assistant Ask Me Anything v1.2.4.0 is affected by a prompt injection vulnerability in its chatbox that allows a crafted message to access and exfiltrate all previous and subsequent chat data between the user and the AI. The CVE entry (CVE-2024-48144) is rated CRITICAL (CVSSv3....
PT-2024-32998
Name of the Vulnerable Software and Affected Versions Blackbox AI version 1.3.95 Description A prompt injection issue in the chatbox allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message. Recommendations For...