VYPR
Vendor

V3 Chat

Products
3
CVEs
6
Across products
7
Status
Private

Products

3

Recent CVEs

6
  • CVE-2008-5784CriDec 31, 2008
    risk 0.67cvss 9.8epss 0.07

    V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to bypass authentication and gain administrative access by setting the admin cookie to 1.

  • CVE-2008-5785Dec 31, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields.

  • CVE-2008-5783Dec 31, 2008
    risk 0.03cvss epss 0.03

    admin/index.php in V3 Chat Live Support 3.0.4 allows remote attackers to bypass authentication and gain administrative access by setting the admin cookie to 1.

  • CVE-2006-6995Feb 12, 2007
    risk 0.03cvss epss 0.02

    mycontacts.php in V3 Chat allows remote authenticated users to gain privileges as other users via a modified membername parameter.

  • CVE-2006-3366Jul 6, 2006
    risk 0.03cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in V3 Chat allow remote attackers to inject arbitrary web script or HTML via crafted HTML tags, as demonstrated by the IMG tag, in the (1) id parameter in (a) mail/index.php and (b) mail/reply.php; (2) login_id parameter in (c)…

  • CVE-2006-3365Jul 6, 2006
    risk 0.00cvss epss 0.01

    V3 Chat allows remote attackers to obtain the installation path via (1) an invalid id parameter to mail/index.php or (2) membername parameter to messenger/online.php, which displays the path in an error page due to an incorrect SQL statement.