Vulnerabilities > Echatserver

DATE CVE VULNERABILITY TITLE RISK
2023-01-06 CVE-2022-44939 Uncontrolled Search Path Element vulnerability in Echatserver Easy Chat Server 3.1
Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll.
local
low complexity
echatserver CWE-427
7.8
2020-03-05 CVE-2019-20502 Classic Buffer Overflow vulnerability in Echatserver Easy Chat Server 3.1
An issue was discovered in EFS Easy Chat Server 3.1.
network
low complexity
echatserver CWE-120
7.5
2017-06-12 CVE-2017-9557 Insufficiently Protected Credentials vulnerability in Echatserver Easy Chat Server
register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to discover passwords by sending the username parameter in conjunction with an empty password parameter, and reading the HTML source code of the response.
network
low complexity
echatserver CWE-522
7.5
2017-06-12 CVE-2017-9544 Out-of-bounds Write vulnerability in Echatserver Easy Chat Server
There is a remote stack-based buffer overflow (SEH) in register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1.
network
low complexity
echatserver CWE-787
critical
9.8
2017-06-12 CVE-2017-9543 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Echatserver Easy Chat Server
register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to reset arbitrary passwords via a crafted POST request to registresult.htm.
network
low complexity
echatserver CWE-640
7.5