Voc-Project Voodoo Chat vulnerabilities
2 known vulnerabilities affecting voc-project/voodoo_chat.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2006-3991P3HIGHCVSS 7.5PoC≤ 1.0_rc1b2006-08-05
CVE-2006-3991 [HIGH] CVE-2006-3991: PHP remote file inclusion vulnerability in index.php in Vlad Vostrykh Voodoo chat 1.0RC1b and earlie
PHP remote file inclusion vulnerability in index.php in Vlad Vostrykh Voodoo chat 1.0RC1b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the file_path parameter.
nvd
CVE-2006-6890P3HIGHCVSS 7.5PoCv1.0_rc1b2006-12-31
CVE-2006-6890 [HIGH] CVE-2006-6890: Voodoo chat 1.0RC1b stores sensitive information under the web root with insufficient access control
Voodoo chat 1.0RC1b stores sensitive information under the web root with insufficient access control, which allows remote attackers to download passwords via a direct request for data/users.dat.
nvd