Lucene search
K

4 matches found

NVD
NVD
added 2026/02/05 4:15 p.m.7 views

CVE-2020-37151

phpMyChat Plus 1.98 contains a SQL injection vulnerability in the deluser.php page through the pmcusername parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, and time-based blind SQL injection techniques to extract sensitive database...

8.8CVSS0.00383EPSS
Exploits1References3
CVE
CVE
added 2026/02/05 3:25 p.m.13 views

CVE-2020-37151

CVE-2020-37151 affects PHPMyChat Plus 1.98, with a SQL injection in deluser.php via the pmc_username parameter. The root cause is improper handling of user input in the deluser.php code, enabling attackers to craft payloads that perform boolean-based, error-based, and time-based blind SQL injecti...

8.8CVSS5.6AI score0.00383EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/05 3:25 p.m.5 views

CVE-2020-37151

phpMyChat Plus 1.98 contains a SQL injection vulnerability in the deluser.php page through the pmcusername parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, and time-based blind SQL injection techniques to extract sensitive database...

8.8CVSS5.6AI score0.00383EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/02/05 3:25 p.m.36 views

CVE-2020-37151 phpMyChat Plus 1.98 'deluser.php' SQL Injection

phpMyChat Plus 1.98 contains a SQL injection vulnerability in the deluser.php page through the pmcusername parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, and time-based blind SQL injection techniques to extract sensitive database...

8.8CVSS0.00383EPSS
Exploits1References3
Rows per page
Query Builder