8 matches found
phpMyChat-Plus 1.98 - Cross-Site Scripting
phpMyChat-Plus 1.98 contains a cross-site scripting vulnerability via pmcusername parameter of passreset.php in password reset URL. id: CVE-2019-19908 info: name: phpMyChat-Plus 1.98 - Cross-Site Scripting author: madrobot severity: medium description: | phpMyChat-Plus 1.98 contains a cross-site...
phpMyChat-Plus 1.98 - (pmc_username) Reflected Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: phpMyChat-Plus 1.98 - 'pmcusername' Reflected Cross-Site Scripting Exploit Author: Chris Inzinga Vendor Homepage: http://ciprianmp.com/latest/ Download: https://sourceforge.net/projects/phpmychat/ Tested On: Linux & Mac Version:...
phpMyChat-Plus 1.98 Cross Site Scripting
Exploit Title: phpMyChat-Plus 1.98 - 'pmcusername' Reflected Cross-Site Scripting Date: 2019-12-19 Exploit Author: Chris Inzinga Vendor Homepage: http://ciprianmp.com/latest/ Download: https://sourceforge.net/projects/phpmychat/ Tested On: Linux & Mac Version: 1.98 CVE: CVE-2019-19908 Description...
CVE-2019-19908
phpMyChat-Plus 1.98 is vulnerable to reflected XSS via JavaScript injection into the password reset URL. In the URL, the pmcusername parameter to passreset.php is vulnerable...
CVE-2019-19908
CVE-2019-19908 concerns phpMyChat-Plus 1.98, with a reflected XSS in the password reset flow. The vulnerability is triggered via the pmc_username parameter in pass_reset.php, allowing an attacker to inject JavaScript that runs in the victim’s browser. This could potentially lead to session hijack...
phpMyChat-Plus 1.98 - pmc_username Reflected Cross-Site Scripting
phpMyChat-Plus 1.98 - pmcusername Reflected Cross-Site Scripting Exploit Title: phpMyChat-Plus 1.98 - 'pmcusername' Reflected Cross-Site Scripting Date: 2019-12-19 Exploit Author: Chris Inzinga Vendor Homepage: http://ciprianmp.com/latest/ Download: https://sourceforge.net/projects/phpmychat/...
phpMyChat-Plus 1.98 - 'pmc_username' Reflected Cross-Site Scripting
Exploit Title: phpMyChat-Plus 1.98 - 'pmcusername' Reflected Cross-Site Scripting Date: 2019-12-19 Exploit Author: Chris Inzinga Vendor Homepage: http://ciprianmp.com/latest/ Download: https://sourceforge.net/projects/phpmychat/ Tested On: Linux & Mac Version: 1.98 CVE: CVE-2019-19908 Description...
CVE-2019-19908
phpMyChat-Plus 1.98 is vulnerable to reflected XSS via JavaScript injection into the password reset URL. In the URL, the pmcusername parameter to passreset.php is vulnerable. Recent assessments: cinzinga at March 09, 2020 9:23pm UTC reported: I am the founder of this exploit. Google dorking...