Lucene search
K

8 matches found

Nuclei
Nuclei
added yesterday125 views

phpMyChat-Plus 1.98 - Cross-Site Scripting

phpMyChat-Plus 1.98 contains a cross-site scripting vulnerability via pmcusername parameter of passreset.php in password reset URL. id: CVE-2019-19908 info: name: phpMyChat-Plus 1.98 - Cross-Site Scripting author: madrobot severity: medium description: | phpMyChat-Plus 1.98 contains a cross-site...

6.1CVSS6.3AI score0.21232EPSS
Exploits4References5
0day.today
0day.today
added 2019/12/23 12:0 a.m.141 views

phpMyChat-Plus 1.98 - (pmc_username) Reflected Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: phpMyChat-Plus 1.98 - 'pmcusername' Reflected Cross-Site Scripting Exploit Author: Chris Inzinga Vendor Homepage: http://ciprianmp.com/latest/ Download: https://sourceforge.net/projects/phpmychat/ Tested On: Linux & Mac Version:...

7.1AI score0.21232EPSS
Exploits4
Packet Storm
Packet Storm
added 2019/12/22 12:0 a.m.139 views

phpMyChat-Plus 1.98 Cross Site Scripting

Exploit Title: phpMyChat-Plus 1.98 - 'pmcusername' Reflected Cross-Site Scripting Date: 2019-12-19 Exploit Author: Chris Inzinga Vendor Homepage: http://ciprianmp.com/latest/ Download: https://sourceforge.net/projects/phpmychat/ Tested On: Linux & Mac Version: 1.98 CVE: CVE-2019-19908 Description...

6.3AI score0.21232EPSS
Exploits4
Cvelist
Cvelist
added 2019/12/20 12:47 p.m.39 views

CVE-2019-19908

phpMyChat-Plus 1.98 is vulnerable to reflected XSS via JavaScript injection into the password reset URL. In the URL, the pmcusername parameter to passreset.php is vulnerable...

6.3AI score0.21232EPSS
Exploits4References3
CVE
CVE
added 2019/12/20 12:47 p.m.88 views

CVE-2019-19908

CVE-2019-19908 concerns phpMyChat-Plus 1.98, with a reflected XSS in the password reset flow. The vulnerability is triggered via the pmc_username parameter in pass_reset.php, allowing an attacker to inject JavaScript that runs in the victim’s browser. This could potentially lead to session hijack...

6.1CVSS6.1AI score0.21232EPSS
Exploits4References3Affected Software1
exploitpack
exploitpack
added 2019/12/20 12:0 a.m.126 views

phpMyChat-Plus 1.98 - pmc_username Reflected Cross-Site Scripting

phpMyChat-Plus 1.98 - pmcusername Reflected Cross-Site Scripting Exploit Title: phpMyChat-Plus 1.98 - 'pmcusername' Reflected Cross-Site Scripting Date: 2019-12-19 Exploit Author: Chris Inzinga Vendor Homepage: http://ciprianmp.com/latest/ Download: https://sourceforge.net/projects/phpmychat/...

4.3CVSS0.21232EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/12/20 12:0 a.m.128 views

phpMyChat-Plus 1.98 - 'pmc_username' Reflected Cross-Site Scripting

Exploit Title: phpMyChat-Plus 1.98 - 'pmcusername' Reflected Cross-Site Scripting Date: 2019-12-19 Exploit Author: Chris Inzinga Vendor Homepage: http://ciprianmp.com/latest/ Download: https://sourceforge.net/projects/phpmychat/ Tested On: Linux & Mac Version: 1.98 CVE: CVE-2019-19908 Description...

6.1CVSS6.5AI score0.21232EPSS
Exploits4
ATTACKERKB
ATTACKERKB
added 2019/06/19 12:0 a.m.14 views

CVE-2019-19908

phpMyChat-Plus 1.98 is vulnerable to reflected XSS via JavaScript injection into the password reset URL. In the URL, the pmcusername parameter to passreset.php is vulnerable. Recent assessments: cinzinga at March 09, 2020 9:23pm UTC reported: I am the founder of this exploit. Google dorking...

6.1CVSS1AI score0.21232EPSS
Exploits4References4
Rows per page
Query Builder