Vulnerabilities > Echatserver
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-06 | CVE-2022-44939 | Uncontrolled Search Path Element vulnerability in Echatserver Easy Chat Server 3.1 Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. | 7.8 |
| 2020-03-05 | CVE-2019-20502 | Classic Buffer Overflow vulnerability in Echatserver Easy Chat Server 3.1 An issue was discovered in EFS Easy Chat Server 3.1. | 5.0 |
| 2017-06-12 | CVE-2017-9557 | Insufficiently Protected Credentials vulnerability in Echatserver Easy Chat Server register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to discover passwords by sending the username parameter in conjunction with an empty password parameter, and reading the HTML source code of the response. | 5.0 |
| 2017-06-12 | CVE-2017-9544 | Out-of-bounds Write vulnerability in Echatserver Easy Chat Server There is a remote stack-based buffer overflow (SEH) in register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1. | 7.5 |
| 2017-06-12 | CVE-2017-9543 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Echatserver Easy Chat Server register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to reset arbitrary passwords via a crafted POST request to registresult.htm. | 5.0 |