Simple ChatBox
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-6161 | Hig | 0.47 | 7.3 | 0.00 | Apr 13, 2026 | A vulnerability was determined in code-projects Simple ChatBox up to 1.0. This affects an unknown part of the file /chatbox/insert.php of the component Endpoint. Executing a manipulation of the argument msg can lead to sql injection. It is possible to launch the attack remotely.… | ||
| CVE-2026-6160 | Med | 0.34 | 5.3 | 0.00 | Apr 13, 2026 | A vulnerability was found in code-projects Simple ChatBox 1.0. Affected by this issue is the function SimpleChatbox_PHP of the file chatbox.sql of the component Endpoint. Performing a manipulation results in file and directory information exposure. It is possible to initiate the… | ||
| CVE-2026-6159 | Med | 0.28 | 4.3 | 0.00 | Apr 13, 2026 | A vulnerability has been found in code-projects Simple ChatBox up to 1.0. Affected by this vulnerability is an unknown functionality of the file /chatbox/insert.php of the component Endpoint. Such manipulation of the argument msg leads to cross site scripting. The attack may be… |
- risk 0.47cvss 7.3epss 0.00
A vulnerability was determined in code-projects Simple ChatBox up to 1.0. This affects an unknown part of the file /chatbox/insert.php of the component Endpoint. Executing a manipulation of the argument msg can lead to sql injection. It is possible to launch the attack remotely.…
- risk 0.34cvss 5.3epss 0.00
A vulnerability was found in code-projects Simple ChatBox 1.0. Affected by this issue is the function SimpleChatbox_PHP of the file chatbox.sql of the component Endpoint. Performing a manipulation results in file and directory information exposure. It is possible to initiate the…
- risk 0.28cvss 4.3epss 0.00
A vulnerability has been found in code-projects Simple ChatBox up to 1.0. Affected by this vulnerability is an unknown functionality of the file /chatbox/insert.php of the component Endpoint. Such manipulation of the argument msg leads to cross site scripting. The attack may be…