Vulnerabilities > Dschat
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-05-25 | CVE-2006-2605 | HTML Injection vulnerability in Dschat 1.0 Cross-site scripting (XSS) vulnerability in DSChat 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the chatbox, probably involving the ctext parameter to send.php. network dschat | 4.3 |
2006-05-25 | CVE-2006-2592 | Remote Security vulnerability in Dschat 1.0 Unspecified vulnerability in DSChat 1.0 allows remote attackers to execute arbitrary PHP code via the Nickname field, which is not sanitized before creating a file in a user directory. | 7.5 |