CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/02/05 3:25 p.m.•7 views

CVE-2020-37151

CVE-2020-37151 affects PHPMyChat Plus 1.98, with a SQL injection in deluser.php via the pmc_username parameter. The root cause is improper handling of user input in the deluser.php code, enabling attackers to craft payloads that perform boolean-based, error-based, and time-based blind SQL injecti...

Exploits1References3Affected Software1

EUVD•added 2026/02/05 3:25 p.m.•5 views

EUVD-2020-31050

ATTACKERKB•added 2026/02/05 3:25 p.m.•3 views

CVE-2020-37151

Exploits1References3Affected Software1

Vulnrichment•added 2026/02/05 3:25 p.m.•4 views

CVE-2020-37151 phpMyChat Plus 1.98 'deluser.php' SQL Injection

CNNVD•added 2026/02/05 12:0 a.m.•2 views

phpMyChat Plus SQL注入漏洞

phpMyChat Plus is a chat room system developed by Ciprianmp. Version 1.98 of phpMyChat Plus contains an SQL injection vulnerability. This vulnerability stems from the pmcusername parameter in the deluser.php page, which may lead to the exposure of sensitive database information...

8.8CVSS5.8AI score0.00092EPSS

Positive Technologies•added 2026/02/05 12:0 a.m.•5 views

PT-2026-6559

Name of the Vulnerable Software and Affected Versions phpMyChat Plus version 1.98 Description The software contains a SQL injection issue in the 'deluser.php' page. This allows manipulation of database queries through the pmc username parameter. Attackers can use boolean-based, error-based, and...

EUVD•added 2025/10/07 12:30 a.m.•1 views

Exploits1References5

EUVD-2006-6983

Malware in sbrugna...

7.1CVSS6.4AI score0.00316EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2006-5880

Malware in sbrugna...

5CVSS6.3AI score0.00385EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-30094

Malware in sbrugna...

9.3CVSS9AI score0.01002EPSS

Exploits1References2

RedhatCVE•added 2025/05/21 9:31 p.m.•4 views

CVE-2006-7001

Directory traversal vulnerability in avatar.php in PhpMyChat Plus 1.9 and earlier allows remote attackers to read arbitrary files via a .. dot dot in the L parameter, a different issue than CVE-2006-5897. NOTE: the provenance of this information is unknown; the details are obtained solely from...

7.1CVSS6.7AI score0.00385EPSS

RedhatCVE•added 2025/02/05 3:4 p.m.•5 views

CVE-2020-9265

phpMyChat-Plus 1.98 is vulnerable to multiple SQL injections against the deluser.php Delete User functionality, as demonstrated by pmcusername...

9.3CVSS7.5AI score0.01002EPSS

CNVD•added 2020/02/19 12:0 a.m.•1 views

phpMyChat-Plus SQL Injection Vulnerability

phpMyChat-Plus is a chat room system based on PHP and MySQL. A SQL injection vulnerability exists in phpMyChat-Plus version 1.98. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerability to...

9.3CVSS8.3AI score0.01002EPSS

OSV•added 2020/02/18 7:15 p.m.•1 views

CVE-2020-9265

phpMyChat-Plus 1.98 is vulnerable to multiple SQL injections against the deluser.php Delete User functionality, as demonstrated by pmcusername...

8.2CVSS7.3AI score

Exploits0References1

NVD•added 2020/02/18 7:15 p.m.•8 views

CVE-2020-9265

phpMyChat-Plus 1.98 is vulnerable to multiple SQL injections against the deluser.php Delete User functionality, as demonstrated by pmcusername...

9.3CVSS8.7AI score0.01002EPSS