5 matches found
EUVD-2006-3965
Malware in sbrugna...
CVE-2006-3971
Cross-site scripting XSS vulnerability in visitor/livesupport/chat.php in Scott Weedon Ajax Chat, possibly 0.1, allows remote attackers to inject arbitrary web script or HTML via the userid parameter...
CVE-2006-3972
The CVE-2006-3972 entry concerns the Scott Weedon Ajax Chat component (likely version 0.1) where a directory traversal flaw exists in includes/operator_chattranscript.php. An attacker can supply '..' in the chatid parameter to read arbitrary files, enabling partial confidentiality impact. The NVD...
CVE-2006-3971
The CVE-2006-3971 entry describes a Cross-site scripting (XSS) vulnerability in Scott Weedon Ajax Chat, specifically in visitor/livesupport/chat.php, exploitable via the userid parameter. The vulnerability permits remote attackers to inject arbitrary web script/HTML. The NVD listing assigns a CVS...
CVE-2006-3972
Directory traversal vulnerability in includes/operatorchattranscript.php in Scott Weedon Ajax Chat, possibly 0.1, allows remote attackers to read arbitrary files via a .. dot dot in the chatid parameter...