Lucene search
K

192 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:24 a.m.8 views

CVE-2024-0695

A vulnerability, which was classified as problematic, has been found in EFS Easy Chat Server 3.1. Affected by this issue is some unknown functionality of the component HTTP GET Request Handler. The manipulation of the argument USERNAME leads to denial of service. The attack may be launched...

5.3CVSS6.8AI score0.00969EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:34 p.m.10 views

CVE-2022-44939

Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL...

7.8CVSS8.2AI score0.00387EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:32 a.m.12 views

CVE-2017-9557

register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to discover passwords by sending the username parameter in conjunction with an empty password parameter, and reading the HTML source code of the response...

7.5CVSS7.3AI score0.01673EPSS
Exploits1References1
NVD
NVD
added 2024/01/18 11:15 p.m.27 views

CVE-2024-0695

A vulnerability, which was classified as problematic, has been found in EFS Easy Chat Server 3.1. Affected by this issue is some unknown functionality of the component HTTP GET Request Handler. The manipulation of the argument USERNAME leads to denial of service. The attack may be launched...

5.3CVSS4.9AI score0.00969EPSS
Exploits1References5
OSV
OSV
added 2024/01/18 11:15 p.m.8 views

CVE-2024-0695

A vulnerability, which was classified as problematic, has been found in EFS Easy Chat Server 3.1. Affected by this issue is some unknown functionality of the component HTTP GET Request Handler. The manipulation of the argument USERNAME leads to denial of service. The attack may be launched...

5.3CVSS5AI score0.00969EPSS
Exploits1References5
Prion
Prion
added 2024/01/18 11:15 p.m.24 views

Design/Logic Flaw

A vulnerability, which was classified as problematic, has been found in EFS Easy Chat Server 3.1. Affected by this issue is some unknown functionality of the component HTTP GET Request Handler. The manipulation of the argument USERNAME leads to denial of service. The attack may be launched...

4CVSS7AI score0.00969EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2024/01/18 10:31 p.m.26 views

CVE-2024-0695 EFS Easy Chat Server HTTP GET Request denial of service

A vulnerability, which was classified as problematic, has been found in EFS Easy Chat Server 3.1. Affected by this issue is some unknown functionality of the component HTTP GET Request Handler. The manipulation of the argument USERNAME leads to denial of service. The attack may be launched...

4.3CVSS5.6AI score0.00969EPSS
Exploits1References5
CVE
CVE
added 2024/01/18 10:31 p.m.35 views

CVE-2024-0695

CVE-2024-0695 affects EFS Easy Chat Server 3.1. The vulnerability resides in the HTTP GET Request Handler, where manipulating the USERNAME argument causes a remote denial of service. Exploitation is possible remotely and the exploit has been disclosed publicly. Connected sources consistently desc...

5.3CVSS5.3AI score0.00969EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/18 12:0 a.m.10 views

PT-2024-15756 · Unknown · Efs Easy Chat Server

Name of the Vulnerable Software and Affected Versions: EFS Easy Chat Server version 3.1 Description: A problematic issue has been found in the HTTP GET Request Handler component of the affected software. The manipulation of the USERNAME argument leads to denial of service. This issue can be...

5.3CVSS7.1AI score0.00969EPSS
Exploits1References10
CNNVD
CNNVD
added 2024/01/18 12:0 a.m.8 views

Efs Software EFS Easy Chat Server Security Vulnerability

Efs Software EFS Easy Chat Server is a suite of online chat server software from the Dutch company Efs Software. A security vulnerability exists in EFS Easy Chat Server version 3.1 due to a denial of service DOS vulnerability in the parameter USERNAME of the component HTTP GET Request Handler...

5.3CVSS6.6AI score0.00969EPSS
Exploits1References2
NVD
NVD
added 2023/10/04 1:15 p.m.23 views

CVE-2023-4495

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /registresult.htm POST method, in the Resume parameter. The XSS is loaded from /register.ghp...

6.1CVSS5.8AI score0.0037EPSS
Exploits1References1
NVD
NVD
added 2023/10/04 1:15 p.m.21 views

CVE-2023-4494

Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send an excessively long username string to the register.ghp file asking for the name via a GET request resulting in arbitrary code execution on the remote machine...

9.8CVSS9.8AI score0.009EPSS
Exploits1References1
OSV
OSV
added 2023/10/04 1:15 p.m.3 views

CVE-2023-4497

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /registresult.htm POST method, in the Icon parameter. The XSS is loaded from /users.ghp...

6.1CVSS5.8AI score0.0037EPSS
Exploits1References1
OSV
OSV
added 2023/10/04 1:15 p.m.6 views

CVE-2023-4494

Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send an excessively long username string to the register.ghp file asking for the name via a GET request resulting in arbitrary code execution on the remote machine...

9.8CVSS6.5AI score0.009EPSS
Exploits1References1
OSV
OSV
added 2023/10/04 1:15 p.m.6 views

CVE-2023-4495

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /registresult.htm POST method, in the Resume parameter. The XSS is loaded from /register.ghp...

6.1CVSS5.8AI score0.0037EPSS
Exploits1References1
OSV
OSV
added 2023/10/04 1:15 p.m.4 views

CVE-2023-4496

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /body2.ghp POST method, in the mtowho parameter...

6.1CVSS5.8AI score0.0037EPSS
Exploits1References1
NVD
NVD
added 2023/10/04 1:15 p.m.23 views

CVE-2023-4496

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /body2.ghp POST method, in the mtowho parameter...

6.1CVSS6AI score0.0037EPSS
Exploits1References1
NVD
NVD
added 2023/10/04 1:15 p.m.24 views

CVE-2023-4497

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /registresult.htm POST method, in the Icon parameter. The XSS is loaded from /users.ghp...

6.1CVSS5.8AI score0.0037EPSS
Exploits1References1
Prion
Prion
added 2023/10/04 1:15 p.m.21 views

Cross site scripting

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /registresult.htm POST method, in the Resume parameter. The XSS is loaded from /register.ghp...

5.8CVSS5.8AI score0.0037EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2023/10/04 1:15 p.m.21 views

Cross site scripting

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability stored via /body2.ghp POST method, in the mtowho parameter...

5.8CVSS5.9AI score0.0037EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder