Vulnerabilities > CVE-2006-6995 - Input Validation vulnerability in V3 Chat Instant Messenger
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
mycontacts.php in V3 Chat allows remote authenticated users to gain privileges as other users via a modified membername parameter. The attacker must already be authenticated on V3Chat.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | V3 Chat Instant Messenger mycontacts.php membername Arbitrary User Buddy List Manipulation. CVE-2006-6995. Webapps exploit for php platform |
id | EDB-ID:28075 |
last seen | 2016-02-03 |
modified | 2006-06-20 |
published | 2006-06-20 |
reporter | Luny |
source | https://www.exploit-db.com/download/28075/ |
title | V3 Chat Instant Messenger - mycontacts.php membername Arbitrary User Buddy List Manipulation |