5 matches found
Cross site scripting
Easy Chat Server, version 3.1 and earlier, does not sufficiently encrypt user-controlled inputs, resulting in a stored Cross-Site Scripting (XSS) vulnerability via the /registresult.htm POST method, in the Resume parameter. The XSS is loaded from /register.ghp...
Cross site scripting
Easy Chat Server, version 3.1 and earlier, does not sufficiently encrypt user-controlled inputs, resulting in a stored Cross-Site Scripting (XSS) vulnerability via the /registresult.htm POST method, in the Icon parameter. The XSS is loaded from /users.ghp...
CVE-2023-4497 Easy Chat Server XSS vulnerability
Easy Chat Server, version 3.1 and earlier, does not sufficiently encrypt user-controlled inputs, resulting in a stored Cross-Site Scripting (XSS) vulnerability via the /registresult.htm POST method, in the Icon parameter. The XSS is loaded from /users.ghp...
EFS Software Easy Chat Server Heap Buffer Overflow Vulnerability
EFS Software Easy Chat Server is a simple Web-based chat program from EFS Software. A remote heap buffer overflow vulnerability exists in the register.ghp file in EFS Software Easy Chat Server versions 2.0 through 3.1. The vulnerability can be exploited by a remote attacker to execute arbitrary...
CVE-2017-9543
register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to reset arbitrary passwords via a crafted POST request to registresult.htm...