Vendor
FlashChat
Products
1
CVEs
2
Across products
2
Status
Private
Products
1- 2 CVEs
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-6799 | 0.03 | — | 0.03 | May 7, 2009 | connection.php in FlashChat 5.0.8 allows remote attackers to bypass the role filter mechanism and gain administrative privileges by setting the s parameter to "7." | |||
| CVE-2007-0807 | 0.00 | — | 0.01 | Feb 7, 2007 | Cross-site scripting (XSS) vulnerability in info.php in flashChat 4.7.8 allows remote attackers to inject arbitrary web script or HTML via a channel title (aka room name) that is not properly handled by the "who's online" feature. |
- CVE-2008-6799May 7, 2009risk 0.03cvss —epss 0.03
connection.php in FlashChat 5.0.8 allows remote attackers to bypass the role filter mechanism and gain administrative privileges by setting the s parameter to "7."
- CVE-2007-0807Feb 7, 2007risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in info.php in flashChat 4.7.8 allows remote attackers to inject arbitrary web script or HTML via a channel title (aka room name) that is not properly handled by the "who's online" feature.