Lucene search
K
Chatbot App With Suggestion ProjectChatbot App With Suggestion

6 matches found

CVE
CVE
•added 2022/06/01 5:59 p.m.•62 views

CVE-2022-31970

CVE-2022-31970 describes a SQL injection vulnerability in ChatBot App with Suggestion v1.0. The issue affects the admin interface at /simple_chat_bot/admin/?page=responses/manage_response&id= where external input is not validated, allowing an attacker to inject SQL statements. Public sources (NVD...

7.2CVSS7.3AI score0.00966EPSS
Web
CVE
CVE
•added 2022/06/01 6:0 p.m.•60 views

CVE-2022-31969

CVE-2022-31969 affects the ChatBot App with Suggestion v1.0, where the vulnerability is a SQL Injection in the admin page parameter: /simple_chat_bot/admin/?page=user/manage_user&id=. The root cause is lack of input validation/parameterization on the id parameter, enabling arbitrary SQL execution...

9.8CVSS9.8AI score0.01081EPSS
Web
CVE
CVE
•added 2022/06/01 5:58 p.m.•60 views

CVE-2022-31971

CVE-2022-31971 affects ChatBot App with Suggestion v1.0. The vulnerability is a SQL Injection in the admin view, exposed via the URL parameter /simple_chat_bot/admin/?page=responses/view_response&id=, where user-controlled input can influence SQL queries. Root cause described across connected sou...

7.2CVSS7.3AI score0.00958EPSS
Web
CVE
CVE
•added 2022/06/01 6:3 p.m.•59 views

CVE-2022-31966

ChatBot App with Suggestion v1.0 is affected by CVE-2022-31966. Affected component: /simple_chat_bot/classes/Master.php. Root cause: lack of filename validation in the delete_img function, enabling arbitrary file deletion through the parameter f=delete_img. Impact: arbitrary deletion of files as ...

6.5CVSS6.4AI score0.00928EPSS
Web
CVE
CVE
•added 2022/05/24 1:34 p.m.•58 views

CVE-2022-30459

CVE-2022-30459 affects the ChatBot App with Suggestion in PHP/OOP v1.0. The vulnerability is a SQL injection in the Master.php endpoint when the parameter f is set to delete_response and id is supplied, due to insufficient input validation. This can allow manipulation of the underlying database, ...

8.8CVSS9AI score0.00921EPSS
Web
CVE
CVE
•added 2022/05/24 1:33 p.m.•54 views

CVE-2022-30464

CVE-2022-30464 concerns a Cross Site Scripting (XSS) vulnerability in the ChatBot App with Suggestion in PHP/OOP v1.0. The issue is triggered via the endpoint /simple_chat_bot/classes/Master.php?f=save_response, where user-supplied input appears to be processed without proper sanitization, enabli...

5.4CVSS5.2AI score0.00471EPSS
Web