Filtered by vendor Darrens 5-dollar Script Archive
Subscribe
Filtered by product Flashchat
Subscribe
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-4583 | 1 Darrens 5-dollar Script Archive | 1 Flashchat | 2018-10-17 | 7.5 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in FlashChat before 4.6.2 allow remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter in (1) inc/cmses/aedatingCMS.php, (2) inc/cmses/aedatingCMS2.php, or (3) inc/cmses/aedating4CMS.php. | |||||
CVE-2007-0807 | 1 Darrens 5-dollar Script Archive | 1 Flashchat | 2018-10-16 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in info.php in flashChat 4.7.8 allows remote attackers to inject arbitrary web script or HTML via a channel title (aka room name) that is not properly handled by the "who's online" feature. | |||||
CVE-2007-0834 | 1 Darrens 5-dollar Script Archive | 1 Flashchat | 2017-07-28 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in FlashChat 4.7.8 allows remote attackers to inject arbitrary web script or HTML via the user name field when the user joins a chat room, a different vulnerability than CVE-2007-0807. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |