191 matches found
CVE-2006-5898
CVE-2006-5898 describes a directory traversal vulnerability in PhpMyChat (versions up to 0.14.5) affecting the localization/languages.lib.php3 component. An attacker can supply a ". ." sequence in the ChatPath parameter to read arbitrary files on the server. The issue arises from improper validat...
phpmychat0145traverse.txt
Title : PhpMyChat = 0.14.5 Source Code Disclosure Vulnerability Author : ajann Dork : phpMyChat 0.14.5 , phpMyChat Vuln; File localization/languages.lib.php3 /File Code,1 languages.lib.php3 Error: .. .... require"./$ChatPathconfig/config.lib.php3";...
phpmychatPlus19.txt
a Title : PhpMyChat Plus = 1.9 Multiple Source Code Disclosure Vulnerabilities Author : ajann Dork : phpMyChat plus Vuln; Files avatar.php colorhelppopup.php colorpopup.php index.php index1.php /lib/connectedusers.lib.php /lib/index.lib.php logs.php phpMyChat.php3 /Files Code,1...
PhpMyChat Plus <= 1.9 Multiple Source Code Disclosure Vulnerabilities
a Title : PhpMyChat Plus = 1.9 Multiple Source Code Disclosure Vulnerabilities Author : ajann Dork : phpMyChat plus Vuln; Files avatar.php colorhelppopup.php colorpopup.php index.php index1.php /lib/connectedusers.lib.php /lib/index.lib.php logs.php phpMyChat.php3 /Files Code,1...
PhpMyChat <= 0.14.5 Source Code Disclosure Vulnerability
Title : PhpMyChat = 0.14.5 Source Code Disclosure Vulnerability Author : ajann Dork : phpMyChat 0.14.5 , phpMyChat Vuln; File localization/languages.lib.php3 /File Code,1 languages.lib.php3 Error: .. .... require"./$ChatPathconfig/config.lib.php3";...
PHPMyChat Plus 1.9 - Multiple Local File Inclusions
source: https://www.securityfocus.com/bid/20972/info phpMyChat is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these issues may allow an unauthorized user to view files and execute local scripts. phpMyChat Plus 1.9 and...
PHPMyChat Plus 1.9 - Multiple Local File Inclusions
PHPMyChat Plus 1.9 - Multiple Local File Inclusions source: https://www.securityfocus.com/bid/20972/info phpMyChat is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these issues may allow an unauthorized user to view file...
PHPMyChat 0.140.15 - Languages.Lib.php Local File Inclusion
PHPMyChat 0.140.15 - Languages.Lib.php Local File Inclusion source: https://www.securityfocus.com/bid/20962/info phpMyChat is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files a...
PHPMyChat 0.14/0.15 - 'Languages.Lib.php' Local File Inclusion
source: https://www.securityfocus.com/bid/20962/info phpMyChat is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts. phpMyChat 0.15.0 and prior version...
phpMyChat-0.1.txt
SolpotCrew Community phpMyChat 0.1 ChatPath Remote File Inclusion vendor : http://www.phpheaven.net/phpmychat:home Bug Found By :Solpot a.k.a k. Hasibuan 26-09-2006 contact: [email protected] Website : http://www.nyubicrew.org/adv/solpot-adv-09.txt Greetz: choi , h4ntu , Ibnusina , r4dja ,...
CVE-2006-5088
PHP remote file inclusion vulnerability in connectedusers.lib.php3 in phpHeaven phpMyChat 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the ChatPath parameter...
CVE-2006-5088
The connected documents confirm a PHP remote file inclusion in phpMyChat 0.1, specifically in connected_users.lib.php3, exploitable by supplying a URL in the ChatPath parameter to run arbitrary PHP code. The PT-2006-5826 entry reiterates the affected software and suggests restricting access to th...
CVE-2006-5088
PHP remote file inclusion vulnerability in connectedusers.lib.php3 in phpHeaven phpMyChat 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the ChatPath parameter...
PT-2006-5826 · Phpmychat · Phpmychat
Name of the Vulnerable Software and Affected Versions: phpMyChat version 0.1 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the ChatPath parameter in the connected users.lib.php3 file. Recommendations: For phpMyChat version 0.1, consider restricting acce...
phpMyChat 0.14.5 Remote File Include Vulnerability
hi bro !!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!! -------------------------------------------------------------------------------- Title : phpMyChat 0.14.5 Remote File Include Vulnerability -------------------------------------------------------------------------------- Author: CrackersChild...
SolpotCrew Advisory #13 - phpMyChat 0.1 (ChatPath) Remote File Inclusion
SolpotCrew Community phpMyChat 0.1 ChatPath Remote File Inclusion vendor : http://www.phpheaven.net/phpmychat:home Bug Found By :Solpot a.k.a k. Hasibuan 26-09-2006 contact: [email protected] Website : http://www.nyubicrew.org/adv/solpot-adv-09.txt Greetz: choi , h4ntu , Ibnusina , r4dja ,...
CVE-2006-1669
SQL injection vulnerability in chat/messagesL.php3 in phpHeaven Team PHPMyChat 0.14.5 and earlier allows remote attackers to execute arbitrary SQL commands via the T parameter. NOTE: this issue can be leveraged to execute arbitrary shell commands since the username is later processed in an eval...
Sql injection
SQL injection vulnerability in chat/messagesL.php3 in phpHeaven Team PHPMyChat 0.14.5 and earlier allows remote attackers to execute arbitrary SQL commands via the T parameter. NOTE: this issue can be leveraged to execute arbitrary shell commands since the username is later processed in an eval...
CVE-2006-1669
SQL injection vulnerability in chat/messagesL.php3 in phpHeaven Team PHPMyChat 0.14.5 and earlier allows remote attackers to execute arbitrary SQL commands via the T parameter. NOTE: this issue can be leveraged to execute arbitrary shell commands since the username is later processed in an eval...
CVE-2006-1669
The CVE-2006-1669 entry documents a SQL injection in phpHeaven Team PHPMyChat 0.14.5 and earlier, exploitable via the T parameter in chat/messagesL.php3. The underlying issue allows remote command execution as the username is later processed in an eval() call, and the username originates from the...