Unrated severityNVD Advisory· Published Oct 20, 2014· Updated May 6, 2026

CVE-2014-5276

Description

Multiple cross-site scripting (XSS) vulnerabilities in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to inject arbitrary web script or HTML via (1) an uploaded profile picture or (2) the edit parameter to profiles/index.php.

Affected products

Prochatrooms/Text Chat Rooms
cpe:2.3:a:pro_chat_rooms:text_chat_rooms:8.2.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

archives.neohapsis.com/archives/bugtraq/2014-08/0026.htmlnvdExploit
packetstormsecurity.com/files/127775/Pro-Chat-Rooms-8.2.0-XSS-Shell-Upload-SQL-Injection.htmlnvdExploit
www.exploit-db.com/exploits/34275nvdExploit
exchange.xforce.ibmcloud.com/vulnerabilities/95125nvd
exchange.xforce.ibmcloud.com/vulnerabilities/95126nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000