Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2724 | 1 Lionmax Software | 1 Chat Anywhere | 2017-07-28 | 7.1 HIGH | N/A |
LionMax Software Chat Anywhere 2.72a allows remote attackers to cause a denial of service (server crash and client CPU consumption) via a username beginning with percent (%) followed by a null character. | |||||
CVE-2004-1802 | 1 Lionmax Software | 1 Chat Anywhere | 2017-07-10 | 5.0 MEDIUM | N/A |
Chat Anywhere 2.72 and earlier allows remote attackers to hide their IP address by using %00 before the nickname, which causes the IP address to be displayed as $IP$ on the administration web page. | |||||
CVE-2005-0522 | 1 Lionmax Software | 1 Chat Anywhere | 2008-09-05 | 4.6 MEDIUM | N/A |
Chat Anywhere 2.72a stores sensitive information such as passwords in plaintext in the .INI file for a chatroom, which allows local users to gain privileges. |