phpHeaven phpMyChat 0.14.5 - edituser.php3?do_not_login Authentication Bypass

phpHeaven phpMyChat 0.14.5 - edituser.php3?donotlogin Authentication Bypass source: https://www.securityfocus.com/bid/10556/info phpHeaven phpMyChat is reported prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data and design flaws. The followin...

phpHeaven phpMyChat 0.14.5 - 'edituser.php3?do_not_login' Authentication Bypass

source: https://www.securityfocus.com/bid/10556/info phpHeaven phpMyChat is reported prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data and design flaws. The following specific issues can affect the application: phpMyChat is prone to a HTML...

phpHeaven phpMyChat 0.14.5 - 'usersL.php3' Multiple SQL Injections

source: https://www.securityfocus.com/bid/10556/info phpHeaven phpMyChat is reported prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data and design flaws. The following specific issues can affect the application: phpMyChat is prone to a HTML...

phpHeaven phpMyChat 0.14.5 - admin.php3 Arbitrary File Access

phpHeaven phpMyChat 0.14.5 - admin.php3 Arbitrary File Access source: https://www.securityfocus.com/bid/10556/info phpHeaven phpMyChat is reported prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data and design flaws. The following specific...

phpHeaven phpMyChat 0.14.5 - 'admin.php3' Arbitrary File Access

source: https://www.securityfocus.com/bid/10556/info phpHeaven phpMyChat is reported prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data and design flaws. The following specific issues can affect the application: phpMyChat is prone to a HTML...

CVE-2001-1357

CVE-2001-1357 affects phpMyChat prior to 0.14.5. Vulnerabilities are in three PHP files: input.php3, handle_inputH.php3, and index.lib.php3. The description notes unknown consequences with possible user spoofing or improperly initialized variables; no concrete impact or exploit details are provid...

CVE-2001-1357

Multiple vulnerabilities in phpMyChat before 0.14.5 exist in 1 input.php3, 2 handleinputH.php3, or 3 index.lib.php3 with unknown consequences, possibly related to user spoofing or improperly initialized variables...

CVE-2001-1358

Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly remote attackers to gain privileges by specifying an alternate library file in the L localization parameter...

CVE-2001-1358

phpMyChat prior to version 0.14.4 is affected by a local privilege escalation (and potentially remote) via a crafted L (localization) parameter that allows an alternate library file to be loaded, enabling attackers to gain privileges. The description explicitly identifies the vulnerable component...

CVE-2001-1358

Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly remote attackers to gain privileges by specifying an alternate library file in the L localization parameter...

CVE-2001-1357

Multiple vulnerabilities in phpMyChat before 0.14.5 exist in 1 input.php3, 2 handleinputH.php3, or 3 index.lib.php3 with unknown consequences, possibly related to user spoofing or improperly initialized variables...