Phpfreechat
Products
1- 4 CVEs
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-40700 | Hig | 0.53 | 8.2 | 0.01 | Jan 19, 2024 | Server-Side Request Forgery (SSRF) vulnerability in Montonio Montonio for WooCommerce, Wpopal Wpopal Core Features, AMO for WP – Membership Management ArcStone wp-amo, Long Watch Studio WooVirtualWallet – A virtual wallet for WooCommerce, Long Watch Studio WooVIP –… | ||
| CVE-2018-5954 | Hig | 0.52 | 7.5 | 0.09 | Jan 25, 2018 | phpFreeChat 1.7 and earlier allows remote attackers to cause a denial of service by sending a large number of connect commands. | ||
| CVE-2011-3777 | 0.00 | — | 0.01 | Sep 24, 2011 | phpFreeChat 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/zilveer/style.css.php and certain other files. | |||
| CVE-2008-3428 | 0.00 | — | 0.01 | Jul 31, 2008 | Session fixation vulnerability in phpFreeChat 1.1 allows remote authenticated users to hijack web sessions by setting the session_id parameter to match the victim's nickid parameter. |
- risk 0.53cvss 8.2epss 0.01
Server-Side Request Forgery (SSRF) vulnerability in Montonio Montonio for WooCommerce, Wpopal Wpopal Core Features, AMO for WP – Membership Management ArcStone wp-amo, Long Watch Studio WooVirtualWallet – A virtual wallet for WooCommerce, Long Watch Studio WooVIP –…
- risk 0.52cvss 7.5epss 0.09
phpFreeChat 1.7 and earlier allows remote attackers to cause a denial of service by sending a large number of connect commands.
- CVE-2011-3777Sep 24, 2011risk 0.00cvss —epss 0.01
phpFreeChat 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/zilveer/style.css.php and certain other files.
- CVE-2008-3428Jul 31, 2008risk 0.00cvss —epss 0.01
Session fixation vulnerability in phpFreeChat 1.1 allows remote authenticated users to hijack web sessions by setting the session_id parameter to match the victim's nickid parameter.