CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Cvelist•added 2009/08/24 10:0 a.m.•28 views

CVE-2008-7048

Multiple cross-site scripting XSS vulnerabilities in NatterChat 1.12 allow remote attackers to inject arbitrary web script or HTML via the 1 txtUsername parameter to registerDo.asp, as invoked from register.asp, or 2 txtRoomName parameter to roomnew.asp. NOTE: these issues might be resultant from...

5.8AI score0.01062EPSS

Exploits1References3

NVD•added 2008/12/16 7:7 p.m.•13 views

CVE-2008-5602

Natterchat 1.12 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for natterchat112.mdb...

5CVSS6.3AI score0.02587EPSS

Exploits0References3

Prion•added 2008/12/16 7:7 p.m.•11 views

Improper access control

5CVSS6.9AI score0.02587EPSS

Exploits0References3Affected Software1

exploitpack•added 2008/12/07 12:0 a.m.•16 views

Natterchat 1.12 - Database Disclosure

Natterchat 1.12 - Database Disclosure -----------------------------OffensiveTrack------------------------------ ---------------------------- Tunisian Muslim ------------------------------ found by : OffensiveTrack Author : AlpHaNiX website : www.offensivetrack.org contact : AlpHaATHACKERDOTBZ...

7.4AI score

Exploits0

Cvelist•added 2005/07/10 4:0 a.m.•17 views

CVE-2004-2206

SQL injection vulnerability in NatterChat 1.12 allows remote attackers to execute arbitrary SQL commands via unknown vectors...

8.2AI score0.01333EPSS

Exploits0References6

Rows per page