Reallysimplechat
Products
2- 3 CVEs
- 1 CVE
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2011-2470 | 0.00 | — | 0.01 | Jun 29, 2011 | Cross-site scripting (XSS) vulnerability in chat/base/admin/login.php in A Really Simple Chat (ARSC) 3.3-rc2 allows remote attackers to inject arbitrary web script or HTML via the arsc_message parameter. | |||
| CVE-2011-2181 | 0.00 | — | 0.01 | Jun 29, 2011 | Multiple SQL injection vulnerabilities in A Really Simple Chat (ARSC) 3.3-rc2 allow remote attackers to execute arbitrary SQL commands via the (1) arsc_user parameter to base/admin/edit_user.php, (2) arsc_layout_id parameter in base/admin/edit_layout.php, or (3) arsc_room… | |||
| CVE-2011-2180 | 0.00 | — | 0.01 | Jun 29, 2011 | Cross-site scripting (XSS) vulnerability in dereferer.php in A Really Simple Chat (ARSC) 3.3-rc2 allows remote attackers to inject arbitrary web script or HTML via the arsc_link parameter. | |||
| CVE-2002-0463 | 0.00 | — | 0.02 | Aug 12, 2002 | home.php in ARSC (Really Simple Chat) 1.0.1 and earlier allows remote attackers to determine the full pathname of the web server via an invalid language in the arsc_language parameter, which leaks the pathname in an error message. |
- CVE-2011-2470Jun 29, 2011risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in chat/base/admin/login.php in A Really Simple Chat (ARSC) 3.3-rc2 allows remote attackers to inject arbitrary web script or HTML via the arsc_message parameter.
- CVE-2011-2181Jun 29, 2011risk 0.00cvss —epss 0.01
Multiple SQL injection vulnerabilities in A Really Simple Chat (ARSC) 3.3-rc2 allow remote attackers to execute arbitrary SQL commands via the (1) arsc_user parameter to base/admin/edit_user.php, (2) arsc_layout_id parameter in base/admin/edit_layout.php, or (3) arsc_room…
- CVE-2011-2180Jun 29, 2011risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in dereferer.php in A Really Simple Chat (ARSC) 3.3-rc2 allows remote attackers to inject arbitrary web script or HTML via the arsc_link parameter.
- CVE-2002-0463Aug 12, 2002risk 0.00cvss —epss 0.02
home.php in ARSC (Really Simple Chat) 1.0.1 and earlier allows remote attackers to determine the full pathname of the web server via an invalid language in the arsc_language parameter, which leaks the pathname in an error message.