PHPMyChat 0.14.6 - start_page.css.php?medium Cross-Site Scripting

PHPMyChat 0.14.6 - startpage.css.php?medium Cross-Site Scripting source: https://www.securityfocus.com/bid/15679/info phpMyChat is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues t...

phpMyChat Information Disclosure

phpMyChat may allow an attacker to cause an information disclosure vulnerability allowing an attacker to cause the program to reveal the SQL username and password, the phpMyChat SPDX-FileCopyrightText: 2004 Noam Rathaus Some text descriptions might be excerpted from a referenced sources, and are...

phpmychat0145.txt

www.phpheaven.net/ Vulnerable versions: PHPMyChat 0.14.5 Proof of concept: http://www.example.com/chat/config/start-page.css.php3?Charset=iso-8859-1&medium=10&FontName=var%20test=1;alerttest;...

CVE-2005-1619

PHPMyChat 0.14.5 is affected by multiple XSS vulnerabilities in start_page.css.php3 and style.css.php3, exploitable via the FontName parameter to inject arbitrary script/HTML. The issue is documented as CVE-2005-1619; notes indicate 0.14.5 is affected. Affected components are the PHPMyChat front-...

CVE-2005-1619

Multiple cross-site scripting XSS vulnerabilities in 1 startpage.css.php3 aka start-page.css.php3 or 2 style.css.php3 in PHPMyChat 0.14.5 allow remote attackers to inject arbitrary web script or HTML commands via the FontName parameter. NOTE: it was later reported that 0.14.5 is also affected...

PHPHeaven PHPMyChat Cross-site Scripting Vulnerablitiy

www.phpheaven.net/ Vulnerable versions: PHPMyChat 0.14.5 Proof of concept: http://www.example.com/chat/config/start-page.css.php3?Charset=iso-8859-1&medium=10&FontName=scriptvar20test=1;alerttest;/script...

PHPHeaven PHPMyChat 0.14.5 - Start-Page.CSS.php3 Cross-Site Scripting

PHPHeaven PHPMyChat 0.14.5 - Start-Page.CSS.php3 Cross-Site Scripting source: https://www.securityfocus.com/bid/13627/info phpMyChat is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

PHPHeaven PHPMyChat 0.14.5 - 'Start-Page.CSS.php3' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13627/info phpMyChat is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

PHPHeaven PHPMyChat 0.14.5 - Style.CSS.php3 Cross-Site Scripting

PHPHeaven PHPMyChat 0.14.5 - Style.CSS.php3 Cross-Site Scripting source: https://www.securityfocus.com/bid/13628/info phpMyChat is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scri...

PHPHeaven PHPMyChat 0.14.5 - 'Style.CSS.php3' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13628/info phpMyChat is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

CVE-2004-2716

Multiple SQL injection vulnerabilities in usersL.php3 in PHPMyChat 0.14.5 allow remote attackers to execute arbitrary SQL commands via the 1 sortBy, 2 sortOrder, 3 startReg, 4 U, 5 LastCheck , and 6 R parameters...

CVE-2004-2717

Multiple directory traversal vulnerabilities in admin.php3 in PHPMyChat 0.14.5 allow remote attackers with administrative privileges to read arbitrary files via a .. dot dot in the 1 sheet and 2 What parameters...

CVE-2004-2718

PHPMyChat 0.14.5 does not remove or protect setup.php3 after installation, which allows attackers to obtain sensitive information including database passwords via a direct request...

CVE-2004-2715

edituser.php3 in PHPMyChat 0.14.5 allow remote attackers to bypass authentication and gain administrative privileges by setting the donotlogin parameter to false...

pmc.pl.txt

| | | | | | |/ \ \ /\ / / | | | | \ V V / || ||/ // Security Group. phpMyChat remote sploit by sysbug C:\Perl\binperl pmc.pl www.kublooddrive.com /chat / Mysql dump : CDBHOST : localhost CDBNAME : jhawkpchat1 CDBUSER : jhawkpchat1 CDBPASS : vvejTjeLgB Adding Admin .... login:jhawk pwd:owned /...

phpMyChat 0.14.5 Remote Improper File Permissions Exploit

Exploit for unknown platform in category web applications ========================================================= phpMyChat 0.14.5 Remote Improper File Permissions Exploit ========================================================= | | | | | | |/ \ \ /\ / / | | | | \ V V / || ||/ // Security...

phpMyChat 0.14.5 Remote Improper File Permissions Exploit

No description provided by source. | | | | | | |/ \ \ /\ / / | | | | \ V V / || ||/ // Security Group. phpMyChat remote sploit by sysbug C:\Perl\binperl pmc.pl www.kublooddrive.com /chat / Mysql dump : CDBHOST : localhost CDBNAME : jhawkpchat1 CDBUSER : jhawkpchat1 CDBPASS : vvejTjeLgB Adding...

phpMyChat 0.14.5 - Remote Improper File Permissions

| | | | | | |/ \ \ /\ / / | | | | \ V V / || ||/ // Security Group. phpMyChat remote sploit by sysbug C:\Perl\binperl pmc.pl www.kublooddrive.com /chat / Mysql dump : CDBHOST : localhost CDBNAME : jhawkpchat1 CDBUSER : jhawkpchat1 CDBPASS : vvejTjeLgB Adding Admin .... login:jhawk pwd:owned /...

phpMyChat 0.14.5 - Remote Improper File Permissions

phpMyChat 0.14.5 - Remote Improper File Permissions | | | | | | |/ \ \ /\ / / | | | | \ V V / || ||/ // Security Group. phpMyChat remote sploit by sysbug C:\Perl\binperl pmc.pl www.kublooddrive.com /chat / Mysql dump : CDBHOST : localhost CDBNAME : jhawkpchat1 CDBUSER : jhawkpchat1 CDBPASS :...

phpMyChat 0.14.5

Informations : °°°°°°°°°°°° Language : PHP Bugged Version : phpMyChat ver. 0.14.5 and less ? Patched version : none Website : http://www.phpheaven.net/ Problems : Permanent XSS, authorization bypass, SQL-injection, include read files. Objects : °°°°°°° - lib/login.lib.php3 - admin/adminBody.php3...