VYPR

Easy Chat Server

by Easy Chat Server

CVEs (3)

  • CVE-2004-2466Dec 31, 2004
    risk 0.09cvss epss 0.75

    chat.ghp in Easy Chat Server 1.2 allows remote attackers to cause a denial of service (server crash) via a long username parameter, possibly due to a buffer overflow. NOTE: it was later reported that 2.2 is also affected.

  • CVE-2006-6933Jan 16, 2007
    risk 0.00cvss epss 0.02

    Easy Chat Server 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download certain files via direct requests to files such as (1) ServerKey.pem and (2) AcceptIP.txt. NOTE: The provenance of this information…

  • CVE-2004-2465Dec 31, 2004
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in chat.ghp in Easy Chat Server 1.2 allows remote attackers to inject arbitrary web script or HTML via the username parameter.