46 matches found
EUVD-2004-2198
Malware in sbrugna...
EUVD-2008-7007
Malware in sbrugna...
EUVD-2008-7008
Malware in sbrugna...
NatterChat 1.1 - Remote Admin Bypass Vulnerability
No description provided by source. ============================================================================== NATTERCHAT v1.1 Admin Home Bypass Vulnerability ============================================================================== » Script : NATTERCHAT v1.1 » Discover: Mountassif Moad =...
NatterChat Multiple XSS And SQL Injection Vulnerabilities
NatterChat is prone to multiple XSS and SQL Injection vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NatterChat Version Detection
This script detects the installed version of NatterChat. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NatterChat Security Bypass Vulnerability
NatterChat is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NatterChat Multiple XSS And SQL Injection Vulnerabilities
The host is running NatterChat and is prone to multiple XSS and SQL Injection vulnerabilities. OpenVAS Vulnerability Test $Id: secpodnatterchatmultxssnsqlinjvuln.nasl 5122 2017-01-27 12:16:00Z teissa $ NatterChat Multiple XSS And SQL Injection Vulnerabilities Authors: Antu Sanadi Copyright:...
NatterChat Security Bypass Vulnerability
The host is running NatterChat and is prone to Security Bypass vulnerability. OpenVAS Vulnerability Test $Id: secpodnatterchatsecbypassvul.nasl 5122 2017-01-27 12:16:00Z teissa $ NatterChat Security Bypass Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2009 SecPod, http://www.secpod.co...
CVE-2008-7047
NatterChat 1.1 allows remote attackers to bypass authentication and gain administrator privileges to read or delete rooms and messages via a direct request to admin/home.asp...
CVE-2008-7049
Multiple SQL injection vulnerabilities in login.asp in NatterChat 1.1 and 1.12 allow remote attackers to execute arbitrary SQL commands via the 1 txtUsername parameter aka Username and 2 txtPassword parameter aka Password in a form generated by home.asp. NOTE: due to lack of details, it is not...
CVE-2008-7048
Multiple cross-site scripting XSS vulnerabilities in NatterChat 1.12 allow remote attackers to inject arbitrary web script or HTML via the 1 txtUsername parameter to registerDo.asp, as invoked from register.asp, or 2 txtRoomName parameter to roomnew.asp. NOTE: these issues might be resultant from...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in NatterChat 1.12 allow remote attackers to inject arbitrary web script or HTML via the 1 txtUsername parameter to registerDo.asp, as invoked from register.asp, or 2 txtRoomName parameter to roomnew.asp. NOTE: these issues might be resultant from...
Authentication flaw
NatterChat 1.1 allows remote attackers to bypass authentication and gain administrator privileges to read or delete rooms and messages via a direct request to admin/home.asp...
Sql injection
Multiple SQL injection vulnerabilities in login.asp in NatterChat 1.1 and 1.12 allow remote attackers to execute arbitrary SQL commands via the 1 txtUsername parameter aka Username and 2 txtPassword parameter aka Password in a form generated by home.asp. NOTE: due to lack of details, it is not...
CVE-2008-7049
Multiple SQL injection vulnerabilities in login.asp in NatterChat 1.1 and 1.12 allow remote attackers to execute arbitrary SQL commands via the 1 txtUsername parameter aka Username and 2 txtPassword parameter aka Password in a form generated by home.asp. NOTE: due to lack of details, it is not...
CVE-2008-7049
NatterChat is affected by SQL injection in login.asp for versions 1.1 and 1.12, exploitable via the (1) txtUsername and (2) txtPassword fields in the form generated by home.asp. The issue is caused by improper input handling that allows remote attackers to craft SQL commands. OpenVAS and CVE refe...
CVE-2008-7047
NatterChat 1.1 allows remote attackers to bypass authentication and gain administrator privileges to read or delete rooms and messages via a direct request to admin/home.asp...
CVE-2008-7048
Multiple cross-site scripting XSS vulnerabilities in NatterChat 1.12 allow remote attackers to inject arbitrary web script or HTML via the 1 txtUsername parameter to registerDo.asp, as invoked from register.asp, or 2 txtRoomName parameter to roomnew.asp. NOTE: these issues might be resultant from...
CVE-2008-7047
CVE-2008-7047 affects NatterChat 1.1, where remote attackers can bypass authentication and obtain administrator privileges to read or delete rooms and messages via a direct request to admin/home.asp. The OpenVAS entries and NVD record corroborate a security bypass vulnerability with a CVSSv2 base...