3 matches found
CVE-2024-13034
The CVE-2024-13034 entry describes a cross-site scripting vulnerability in code-projects Chat System 1.0, affecting an unknown portion of /admin/update_user.php. The issue arises from improper handling of the name argument, enabling remote exploitation and with an exploit publicly disclosed. Conn...
CVE-2025-0172
The CVE-2025-0172 issue affects code-projects Chat System 1.0, specifically the /admin/deleteroom.php file. The vulnerability arises from improper validation of the id parameter, enabling SQL injection. Impact is described as remote exploitation with potential data exposure; multiple sources corr...
CVE-2025-0171
CVE-2025-0171 affects code-projects Chat System 1.0. A SQL injection exists in the unknown function of /admin/deleteuser.php, exploitable remotely via the id parameter. Multiple sources classify the issue as critical with public disclosures. There is no provided official fixed version in the docu...