V3 Chat
by V3 Chat
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-5784 | Cri | 0.67 | 9.8 | 0.07 | Dec 31, 2008 | V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to bypass authentication and gain administrative access by setting the admin cookie to 1. | ||
| CVE-2008-5785 | 0.03 | — | 0.01 | Dec 31, 2008 | SQL injection vulnerability in V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields. | |||
| CVE-2006-6995 | 0.03 | — | 0.02 | Feb 12, 2007 | mycontacts.php in V3 Chat allows remote authenticated users to gain privileges as other users via a modified membername parameter. | |||
| CVE-2006-3366 | 0.03 | — | 0.02 | Jul 6, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in V3 Chat allow remote attackers to inject arbitrary web script or HTML via crafted HTML tags, as demonstrated by the IMG tag, in the (1) id parameter in (a) mail/index.php and (b) mail/reply.php; (2) login_id parameter in (c)… | |||
| CVE-2006-3365 | 0.00 | — | 0.01 | Jul 6, 2006 | V3 Chat allows remote attackers to obtain the installation path via (1) an invalid id parameter to mail/index.php or (2) membername parameter to messenger/online.php, which displays the path in an error page due to an incorrect SQL statement. |
- risk 0.67cvss 9.8epss 0.07
V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to bypass authentication and gain administrative access by setting the admin cookie to 1.
- CVE-2008-5785Dec 31, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields.
- CVE-2006-6995Feb 12, 2007risk 0.03cvss —epss 0.02
mycontacts.php in V3 Chat allows remote authenticated users to gain privileges as other users via a modified membername parameter.
- CVE-2006-3366Jul 6, 2006risk 0.03cvss —epss 0.02
Multiple cross-site scripting (XSS) vulnerabilities in V3 Chat allow remote attackers to inject arbitrary web script or HTML via crafted HTML tags, as demonstrated by the IMG tag, in the (1) id parameter in (a) mail/index.php and (b) mail/reply.php; (2) login_id parameter in (c)…
- CVE-2006-3365Jul 6, 2006risk 0.00cvss —epss 0.01
V3 Chat allows remote attackers to obtain the installation path via (1) an invalid id parameter to mail/index.php or (2) membername parameter to messenger/online.php, which displays the path in an error page due to an incorrect SQL statement.