12 matches found
CVE-2025-20129
A vulnerability in the web-based chat interface of Cisco Customer Collaboration Platform CCP, formerly Cisco SocialMiner, could allow an unauthenticated, remote attacker to persuade users to disclose sensitive data. This vulnerability is due to improper sanitization of HTTP requests that are sent...
CVE-2025-20129
A vulnerability in the web-based chat interface of Cisco Customer Collaboration Platform CCP, formerly Cisco SocialMiner, could allow an unauthenticated, remote attacker to persuade users to disclose sensitive data. This vulnerability is due to improper sanitization of HTTP requests that are sent...
Cisco Customer Collaboration Platform Information Disclosure Vulnerability
A vulnerability in the web-based chat interface of Cisco Customer Collaboration Platform CCP, formerly Cisco SocialMiner, could allow an unauthenticated, remote attacker to persuade users to disclose sensitive data. This vulnerability is due to improper sanitization of HTTP requests that are sent...
PT-2025-23817 · Cisco · Cisco Customer Collaboration Platform
Name of the Vulnerable Software and Affected Versions: Cisco Customer Collaboration Platform CCP versions not specified Description: A vulnerability in the web-based chat interface of Cisco Customer Collaboration Platform CCP could allow an unauthenticated, remote attacker to persuade users to...
CVE-2024-10433
A vulnerability was found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument Name/Comment leads to cross site scripting. The attack may be launched...
CVE-2024-10432
A vulnerability has been found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument username leads to sql injection. The attack can be launched...
CVE-2024-10432
A vulnerability has been found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument username leads to sql injection. The attack can be launched...
CVE-2024-10433
The CVE-2024-10433 issue affects Project Worlds Simple Web-Based Chat Application 1.0. The vulnerability is a cross-site scripting flaw in the /index.php page, triggered by manipulating the Name/Comment parameter. It is described as exploitable remotely, with public disclosure of exploits. The av...
CVE-2024-10433 Project Worlds Simple Web-Based Chat Application index.php cross site scripting
A vulnerability was found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument Name/Comment leads to cross site scripting. The attack may be launched...
CVE-2024-10432 Project Worlds Simple Web-Based Chat Application index.php sql injection
A vulnerability has been found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument username leads to sql injection. The attack can be launched...
CVE-2024-10432
CVE-2024-10432 affects Project Worlds Simple Web-Based Chat Application 1.0. The vulnerability resides in the /index.php page, where manipulating the username parameter enables SQL injection due to improper input handling. This is a network-accessible issue that can be exploited remotely, with th...
X7 Chat index.php day Parameter SQL Injection
The remote host is running X7 Chat, a web-based chat program written in PHP. The version of X7 Chat installed on the remote host fails to sanitize input to the 'day' parameter of the 'index.php' script when 'page' is set to 'event' before using it in 'sources/infobox.php' to construct database...