67 matches found
CVE-2023-30326
Cross Site Scripting XSS vulnerability in username field in /WebContent/WEB-INF/lib/chatbox.jsp in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code...
CVE-2023-30323
SQL Injection vulnerability in username field in /src/chatbotapp/chatWindow.java in Payatu ChatEngine v.1.0, allows attackers to gain sensitive information...
CVE-2023-30323
SQL Injection vulnerability in username field in /src/chatbotapp/chatWindow.java in Payatu ChatEngine v.1.0, allows attackers to gain sensitive information...
CVE-2023-30325
SQL Injection vulnerability in textMessage parameter in /src/chatbotapp/chatWindow.java in wliang6 ChatEngine v.1.0, allows attackers to gain sensitive information...
CVE-2023-30322
Cross Site Scripting XSS vulnerability in username field in /src/chatbotapp/chatWindow.java in Payatu ChatEngine v.1.0, allows attackers to execute arbitrary code...
CVE-2023-30323
SQL Injection vulnerability in username field in /src/chatbotapp/chatWindow.java in Payatu ChatEngine v.1.0, allows attackers to gain sensitive information...
CVE-2023-30325
SQL Injection vulnerability in textMessage parameter in /src/chatbotapp/chatWindow.java in wliang6 ChatEngine v.1.0, allows attackers to gain sensitive information...
CVE-2023-30322
Cross Site Scripting XSS vulnerability in username field in /src/chatbotapp/chatWindow.java in Payatu ChatEngine v.1.0, allows attackers to execute arbitrary code...
CVE-2023-30325
SQL Injection vulnerability in textMessage parameter in /src/chatbotapp/chatWindow.java in wliang6 ChatEngine v.1.0, allows attackers to gain sensitive information...
CVE-2023-30322
Cross Site Scripting XSS vulnerability in username field in /src/chatbotapp/chatWindow.java in Payatu ChatEngine v.1.0, allows attackers to execute arbitrary code...
Sql injection
SQL Injection vulnerability in textMessage parameter in /src/chatbotapp/chatWindow.java in wliang6 ChatEngine v.1.0, allows attackers to gain sensitive information...
Sql injection
SQL Injection vulnerability in username field in /src/chatbotapp/chatWindow.java in Payatu ChatEngine v.1.0, allows attackers to gain sensitive information...
Cross site scripting
Cross Site Scripting XSS vulnerability in username field in /src/chatbotapp/chatWindow.java in Payatu ChatEngine v.1.0, allows attackers to execute arbitrary code...
Cross site scripting
Cross Site Scripting XSS vulnerability in username field in /WebContent/WEB-INF/lib/chatbox.jsp in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code...
CVE-2023-30325
SQL Injection vulnerability in textMessage parameter in /src/chatbotapp/chatWindow.java in wliang6 ChatEngine v.1.0, allows attackers to gain sensitive information...
CVE-2023-30321
Cross Site Scripting XSS vulnerability in textMessage field in /src/chatbotapp/LoginServlet.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code...
CVE-2023-30326
Cross Site Scripting XSS vulnerability in username field in /WebContent/WEB-INF/lib/chatbox.jsp in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code...
CVE-2023-30322
Cross Site Scripting XSS vulnerability in username field in /src/chatbotapp/chatWindow.java in Payatu ChatEngine v.1.0, allows attackers to execute arbitrary code...
PT-2023-22631 · Unknown · Wliang6 Chatengine
Name of the Vulnerable Software and Affected Versions: wliang6 ChatEngine affected versions not specified Description: A Cross Site Scripting XSS issue exists in the textMessage field in /src/chatbotapp/LoginServlet.java of wliang6 ChatEngine, allowing attackers to execute arbitrary code. This...
CVE-2023-30323
Payatu ChatEngine v1.0 is affected by CVE-2023-30323 due to a SQL injection in the username field of /src/chatbotapp/chatWindow.java, enabling exposure of sensitive information. The root cause is a SQL injection vulnerability in the username input path; no detailed exploit specifics are provided ...