Vulnerabilities > Phpheaven
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-03-25 | CVE-2008-1504 | Cross-Site Scripting vulnerability in PHPheaven PHPmychat 0.14.5 Cross-site scripting (XSS) vulnerability in setup.php3 in phpHeaven phpMyChat 0.14.5 allows remote attackers to inject arbitrary web script or HTML via the Lang parameter. | 4.3 |
| 2006-11-15 | CVE-2006-5898 | Directory Traversal vulnerability in phpMyChat Directory traversal vulnerability in localization/languages.lib.php3 in PhpMyChat 0.14.5 and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2006-11-15 | CVE-2006-5897 | Path Traversal vulnerability in PHPheaven PHPmychat Plus Multiple directory traversal vulnerabilities in PhpMyChat Plus 1.9 and earlier allow remote attackers to read arbitrary files via a .. | 5.0 |
| 2006-04-07 | CVE-2006-1669 | SQL Injection vulnerability in PHPheaven PHPmychat 0.14.4 SQL injection vulnerability in chat/messagesL.php3 in phpHeaven Team PHPMyChat 0.14.5 and earlier allows remote attackers to execute arbitrary SQL commands via the T parameter. | 6.4 |
| 2005-12-04 | CVE-2005-3991 | Cross-Site Scripting vulnerability in PHPheaven PHPmychat 0.14.6 Multiple cross-site scripting (XSS) vulnerabilities in phpMyChat 0.14.6 allow remote attackers to inject arbitrary web script or HTML via the medium parameter to (1) start_page.css.php and (2) style.css.php; or the From parameter to users_popupL.php. network phpheaven | 4.3 |
| 2005-05-16 | CVE-2005-1619 | Cross-Site Scripting vulnerability in PHPheaven PHPmychat 0.14.5 Multiple cross-site scripting (XSS) vulnerabilities in (1) start_page.css.php3 (aka start-page.css.php3) or (2) style.css.php3 in PHPMyChat 0.14.5 allow remote attackers to inject arbitrary web script or HTML commands via the FontName parameter. | 4.3 |
| 2001-02-07 | CVE-2001-1358 | Unspecified vulnerability in PHPheaven PHPmychat Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly remote attackers to gain privileges by specifying an alternate library file in the L (localization) parameter. | 7.2 |
| 2001-02-07 | CVE-2001-1357 | Unspecified vulnerability in PHPheaven PHPmychat Multiple vulnerabilities in phpMyChat before 0.14.5 exist in (1) input.php3, (2) handle_inputH.php3, or (3) index.lib.php3 with unknown consequences, possibly related to user spoofing or improperly initialized variables. | 7.5 |