Lucene search
K
EchatserverEasy Chat Server

7 matches found

CVE
CVE
added 2020/03/05 7:14 p.m.73 views

CVE-2019-20502

The CVE-2019-20502 entry applies to EFS Easy Chat Server 3.1, describing a buffer overflow triggered by a long body2.ghp message parameter. Connected sources (Red Hat CVE, NVD/NVD variants) confirm the affected product and the underlying issue, but do not provide exploit details or remediation st...

7.5CVSS7.7AI score0.0111EPSS
CVE
CVE
added 2023/01/06 12:0 a.m.54 views

CVE-2022-44939

CVE-2022-44939 affects Efs Software Easy Chat Server 3.1; a DLL hijacking flaw in TextShaping.dll allows local attackers to execute arbitrary code via a crafted DLL. Impact: full code execution with high impact. Mitigation/remediation: as per PT-2023-14570, restrict access to TextShaping.dll or a...

7.8CVSS7.9AI score0.00387EPSS
CVE
CVE
added 2017/06/12 6:0 a.m.50 views

CVE-2017-9544

CVE-2017-9544 affects EFS Software Easy Chat Server, versions 2.0–3.1. The issue is a remote stack-based/SEH buffer overflow in register.ghp when a long username is sent to registresult.htm during user registration, enabling arbitrary code execution. Public references include an exploit example i...

9.8CVSS9.8AI score0.24118EPSS
CVE
CVE
added 2017/06/12 3:0 p.m.48 views

CVE-2017-9557

CVE-2017-9557 affects EFS Software Easy Chat Server (versions 2.0–3.1). The issue allows remote attackers to obtain user passwords by sending a crafted request containing the username parameter together with an empty password parameter, then reading the HTML source of the response. This is a info...

7.5CVSS7.7AI score0.01673EPSS
CVE
CVE
added 2017/06/12 6:0 a.m.42 views

CVE-2017-9543

The CVE-2017-9543 entry concerns EFS Software Easy Chat Server (versions 2.0–3.1). The underlying issue is in the register.ghp handling, which allows a remote attacker to reset arbitrary user passwords by sending a crafted POST to registresult.htm. Reported impact includes the ability to change p...

7.5CVSS7.4AI score0.01332EPSS
CVE
CVE
added 2026/03/28 11:58 a.m.11 views

CVE-2018-25221

Affected product: EChat Server 3.1. Vulnerability: Buffer overflow in the chat.ghp endpoint, exploitable by sending a GET request with an oversized username value, leading to remote code execution in the application context. The provided description states that shellcode and ROP gadgets can be us...

9.8CVSS6.8AI score0.00822EPSS
CVE
CVE
added 2026/03/22 1:38 p.m.8 views

CVE-2019-25613

Easy Chat Server 3.1 is affected by a denial-of-service vulnerability where sending an oversized message parameter crashes the service. The exploit flow involves an attacker first establishing a session via the chat.ghp endpoint, then issuing a POST to body2.ghp with an excessively large message ...

8.7CVSS5.9AI score0.00517EPSS