Php121 Instant Messenger vulnerabilities
2 known vulnerabilities affecting php121/php121_instant_messenger.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2007-1908P3MEDIUMCVSS 6.8PoCv2.22007-04-10
CVE-2007-1908 [MEDIUM] CVE-2007-1908: PHP file inclusion vulnerability in php121db.php in PHP121 Instant Messenger 2.2 allows remote attac
PHP file inclusion vulnerability in php121db.php in PHP121 Instant Messenger 2.2 allows remote attackers to execute arbitrary PHP code via a UNC share pathname or a local file pathname in the php121dir parameter, which is accessed by the file_exists function.
nvd
CVE-2006-1828P3MEDIUMCVSS 5.1PoC≤ 1.42006-04-19
CVE-2006-1828 [MEDIUM] CVE-2006-1828: SQL injection vulnerability in php121language.php in PHP121 1.4 allows remote attackers to execute a
SQL injection vulnerability in php121language.php in PHP121 1.4 allows remote attackers to execute arbitrary SQL commands and execute arbitrary code via the sess_username variable, as set by the php121un HTTP COOKIE parameter, which is used in multiple files including php121login.php. NOTE: the code execution occurs because the SQL query results are used in a
nvd