Vulnerabilities > VOC Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-12-31 | CVE-2006-6890 | Information Disclosure vulnerability in Voc-Project Voodoo Chat 1.0Rc1B Voodoo chat 1.0RC1b stores sensitive information under the web root with insufficient access control, which allows remote attackers to download passwords via a direct request for data/users.dat. | 7.5 |
2006-08-05 | CVE-2006-3991 | Remote File Include vulnerability in Voodoo Chat File_Path Parameter PHP remote file inclusion vulnerability in index.php in Vlad Vostrykh Voodoo chat 1.0RC1b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the file_path parameter. | 7.5 |