Scott Weedon Ajax Chat vulnerabilities
2 known vulnerabilities affecting scott_weedon/ajax_chat.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2006-3972P4MEDIUMCVSS 5.0PoCv0.12006-08-02
CVE-2006-3972 [MEDIUM] CVE-2006-3972: Directory traversal vulnerability in includes/operator_chattranscript.php in Scott Weedon Ajax Chat,
Directory traversal vulnerability in includes/operator_chattranscript.php in Scott Weedon Ajax Chat, possibly 0.1, allows remote attackers to read arbitrary files via a .. (dot dot) in the chatid parameter.
nvd
CVE-2006-3971P4MEDIUMCVSS 6.8v0.12006-08-02
CVE-2006-3971 [MEDIUM] CVE-2006-3971: Cross-site scripting (XSS) vulnerability in visitor/livesupport/chat.php in Scott Weedon Ajax Chat,
Cross-site scripting (XSS) vulnerability in visitor/livesupport/chat.php in Scott Weedon Ajax Chat, possibly 0.1, allows remote attackers to inject arbitrary web script or HTML via the userid parameter.
nvd