123flashchatCVEs & Vulnerabilities
2 CVEs affecting 123flashchat products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
2 CVEs→ All vendors
Most Affected Products
123 flash chat module 1echat plugin 1
CVE-2008-6069MEDIUM
SQL injection vulnerability in e107chat.php in the eChat plugin 4.2 for e107, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the nick parameter.
10 Feb 2009
6.8
CVSS
CVE-2008-1989CRITICALpoc
PHP remote file inclusion vulnerability in 123flashchat.php in the 123 Flash Chat 6.8.0 module for e107, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the e107path parameter.
28 Apr 2008
10.0
CVSS
← PrevPage 1 / 1Next →