Vulnerabilities > Phpfreechat > Phpfreechat
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-01-25 | CVE-2018-5954 | Resource Exhaustion vulnerability in PHPfreechat phpFreeChat 1.7 and earlier allows remote attackers to cause a denial of service by sending a large number of connect commands. | 5.0 |
2011-09-24 | CVE-2011-3777 | Information Exposure vulnerability in PHPfreechat 1.3 phpFreeChat 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/zilveer/style.css.php and certain other files. | 5.0 |
2008-07-31 | CVE-2008-3428 | Improper Authentication vulnerability in PHPfreechat 1.0/1.1 Session fixation vulnerability in phpFreeChat 1.1 allows remote authenticated users to hijack web sessions by setting the session_id parameter to match the victim's nickid parameter. | 6.5 |