X7 Chat@2.0.2 Security Vulnerabilities and Issues — X7 Chat@2.0.2 CVE List

Lucene search

X7 GroupX7 Chat2.0.2

3 matches found

CVE•added 2006/05/10 2:14 a.m.•41 views

CVE-2006-2282

Cross-site scripting (XSS) vulnerability in X7 Chat 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the URL of an avatar, possibly related to the avatar parameter in register.php.

4.3CVSS5.8AI score0.00527EPSS

CVE•added 2006/07/25 11:4 p.m.•35 views

CVE-2006-3851

SQL injection vulnerability in upgradev1.php in X7 Chat 2.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the old_prefix parameter.

7.5CVSS8.4AI score0.00354EPSS

CVE•added 2012/11/27 4:49 a.m.•34 views

CVE-2012-6047

Cross-site request forgery (CSRF) vulnerability in X7 Chat 2.0.5.1 and earlier allows remote attackers to hijack the authentication of administrators for requests that add a user to an arbitrary group via the users page in an adminpanel action to index.php.

6.8CVSS7.4AI score0.00211EPSS