5 matches found
CVE-2014-5276
Multiple cross-site scripting XSS vulnerabilities in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to inject arbitrary web script or HTML via 1 an uploaded profile picture or 2 the edit parameter to profiles/index.php...
Sql injection
Multiple SQL injection vulnerabilities in includes/functions.php in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to execute arbitrary SQL commands via the 1 password, 2 email, or 3 id parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to inject arbitrary web script or HTML via 1 an uploaded profile picture or 2 the edit parameter to profiles/index.php...
CVE-2014-5275
CVE-2014-5275 affects Pro Chat Rooms Text Chat Rooms 8.2.0; SQL injection vulnerabilities exist in includes/functions.php, exploitable via (1) password, (2) email, or (3) id parameters. The underlying cause is improper input handling that allows unauthenticated/injected SQL execution; however, th...
CVE-2014-5276
CVE-2014-5276 describes multiple XSS vulnerabilities in Pro Chat Rooms Text Chat Rooms 8.2.0. The issue allows remote authenticated users to inject arbitrary web script or HTML via (1) an uploaded profile picture or (2) the edit parameter to profiles/index.php. Affected software: Pro Chat Rooms T...