4 matches found
CVE-2020-37151
phpMyChat Plus 1.98 contains a SQL injection vulnerability in the deluser.php page through the pmcusername parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, and time-based blind SQL injection techniques to extract sensitive database...
CVE-2020-37151
CVE-2020-37151 affects PHPMyChat Plus 1.98, with a SQL injection in deluser.php via the pmc_username parameter. The root cause is improper handling of user input in the deluser.php code, enabling attackers to craft payloads that perform boolean-based, error-based, and time-based blind SQL injecti...
CVE-2020-37151 phpMyChat Plus 1.98 'deluser.php' SQL Injection
phpMyChat Plus 1.98 contains a SQL injection vulnerability in the deluser.php page through the pmcusername parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, and time-based blind SQL injection techniques to extract sensitive database...
CVE-2020-37151
phpMyChat Plus 1.98 contains a SQL injection vulnerability in the deluser.php page through the pmcusername parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, and time-based blind SQL injection techniques to extract sensitive database...