Lucene search
+L
FabianChat System

10 matches found

CVE
CVE
added 2025/02/02 3:31 p.m.73 views

CVE-2025-0967

CVE-2025-0967 affects Code-Projects Chat System 1.0. The vulnerability is a SQL injection in the file /user/add_chatroom.php, caused by unsafely handling the chatname/chatpass parameters. The issue is exploitable remotely and could allow an attacker to manipulate SQL statements, potentially expos...

7.5CVSS6.8AI score0.00578EPSS
Web
CVE
CVE
added 2025/06/09 2:0 p.m.58 views

CVE-2025-5881

CVE-2025-5881 affects code-projects Chat System (versions up to 1.0). Multiple connected sources describe a vulnerability in /user/confirm_password.php where manipulating the parameter cid allows an SQL injection. Exploitation can be remote and the vulnerability has been disclosed publicly. Evide...

9.8CVSS7.6AI score0.00408EPSS
Web
CVE
CVE
added 2024/12/30 3:0 a.m.53 views

CVE-2024-13036

CVE-2024-13036: Affects code-projects Chat System 1.0. The vulnerability lies in /admin/update_room.php where manipulation of the id/name/password parameters enables SQL injection due to insufficient input validation. The attack can be initiated remotely and an exploit has been disclosed publicly...

7.5CVSS6.8AI score0.00318EPSS
Web
CVE
CVE
added 2025/01/17 4:0 p.m.53 views

CVE-2025-0531

CVE-2025-0531 affects code-projects Chat System 1.0. A SQL injection flaw exists in the /user/leaveroom.php?id= parameter caused by lack of input validation. This allows remote attackers to exploit the vulnerability, with confidentiality impact described as HIGH in the NVD metrics and public disc...

7.5CVSS7.7AI score0.0043EPSS
Web
CVE
CVE
added 2025/01/30 9:0 p.m.50 views

CVE-2025-0882

CVE-2025-0882 affects code-projects Chat System up to version 1.0, where the /user/addnewmember.php endpoint is vulnerable to SQL injection through the user parameter. Publicly disclosed exploit details and remote feasibility are noted, with potential to disclose or tamper with database data. Roo...

7.5CVSS6.8AI score0.0043EPSS
Web
CVE
CVE
added 2025/07/08 5:2 p.m.29 views

CVE-2025-7187

Code-projects Chat System 1.0 contains a SQL injection in the /user/fetch_member.php file caused by unsafely handling the ID parameter. The vulnerability can be exploited remotely and multiple sources cite exploitation of this parameter to retrieve/modify data. The attached documents do not speci...

8.8CVSS6.8AI score0.00381EPSS
Web
CVE
CVE
added 2025/07/08 4:32 p.m.28 views

CVE-2025-7186

CVE-2025-7186 affects code-projects Chat System 1.0. The vulnerability is an SQL injection in the processing of the file /user/fetch_chat.php, caused by manipulation of the ID parameter. It is exploitable remotely and has been disclosed publicly. Multiple sources confirm the issue, including CNVD...

8.8CVSS6.8AI score0.00381EPSS
Web
CVE
CVE
added 2025/07/13 1:32 a.m.27 views

CVE-2025-7511

CVE-2025-7511 affects code-projects Chat System 1.0. The vulnerability is a SQL injection in the handling of the musername parameter in the file /user/update_account.php, enabling remote exploitation. Multiple connected sources confirm the issue and state that the exploit has been publicly disclo...

6.5CVSS6.8AI score0.003EPSS
Web
CVE
CVE
added 2025/07/08 6:2 p.m.25 views

CVE-2025-7189

CVE-2025-7189 affects code-projects Chat System 1.0. The vulnerability is an SQL injection in the file /user/send_message.php, caused by lack of validation of the msg parameter. The issue can be exploited remotely and has publicly disclosed exploit information. Impact is described as potentially ...

8.8CVSS6.7AI score0.00361EPSS
Web
CVE
CVE
added 2025/07/08 5:32 p.m.24 views

CVE-2025-7188

CVE-2025-7188 concerns code-projects Chat System 1.0. The vulnerability affects the file /user/addmember.php where manipulating the ID parameter leads to a SQL injection. The issue is exploitable remotely and, according to the CVE entry, the exploit has been disclosed publicly. Multiple connected...

8.8CVSS6.8AI score0.00361EPSS
Web