2 matches found
CVE-2007-6297
CVE-2007-6297 details multiple XSS vulnerabilities in PHPMyChat (0.14.5/0.14.6) that allow remote attackers to inject arbitrary script/html via parameters: LIMIT (chat/deluser.php3), Link (chat/edituser.php3), and LastCheck or B (chat/users_popupL.php3). The entry notes related vectors (FontName ...
CVE-2004-2718
PHPMyChat 0.14.5 is affected by CVE-2004-2718: an issue where setup.php3 is not removed or protected after installation, allowing direct requests to reveal sensitive information such as database passwords. Impact is partial confidentiality loss as described; no exploitation details or active expl...