5 matches found
EUVD-2006-5821
Malware in sbrugna...
CVE-2006-5837
CVE-2006-5837 describes a static code injection in the SimpleChat 1.0.0 module for iWare Professional CMS. The vulnerability resides in chat_panel.php, allowing remote attackers to inject arbitrary PHP code into chat_log.php via the msg parameter. The CVSSv2 vector is AV:N/AC:L/Au:N/C:P/I:P/A:P w...
CVE-2006-5837
Static code injection vulnerability in chatpanel.php in the SimpleChat 1.0.0 module for iWare Professional CMS allows remote attackers to inject arbitrary PHP code into chatlog.php via the msg parameter...
SimpleChat Information Disclosure
It is possible to retrieve list of users currently connected to the remote SimpleChat server by requesting the file 'data/usr'. An attacker may use this flaw to obtain the IP address of every user currently connected. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: Date: 20 Mar 2003...
SimpleChat
Product : SimpleChat! Version : 1.3 WebSite : http://hot-things.net Problem : Private info viewing Description: ------------ In a directory /data/ the file containing the information on users of a chat lays taking place in a chat at present, to which any interested person can receive access. The...