Vulnerabilities > Ciprianmp

DATE CVE VULNERABILITY TITLE RISK
2020-02-18 CVE-2020-9265 SQL Injection vulnerability in Ciprianmp PHPmychat-Plus 1.98
phpMyChat-Plus 1.98 is vulnerable to multiple SQL injections against the deluser.php Delete User functionality, as demonstrated by pmc_username.
network
low complexity
ciprianmp CWE-89
6.4
2019-12-20 CVE-2019-19908 Cross-site Scripting vulnerability in Ciprianmp PHPmychat-Plus 1.98
phpMyChat-Plus 1.98 is vulnerable to reflected XSS via JavaScript injection into the password reset URL.
network
ciprianmp CWE-79
4.3