Vulnerabilities > VOC Project

DATE CVE VULNERABILITY TITLE RISK
2006-12-31 CVE-2006-6890 Information Disclosure vulnerability in Voc-Project Voodoo Chat 1.0Rc1B
Voodoo chat 1.0RC1b stores sensitive information under the web root with insufficient access control, which allows remote attackers to download passwords via a direct request for data/users.dat.
network
low complexity
voc-project
7.5
2006-08-05 CVE-2006-3991 Remote File Include vulnerability in Voodoo Chat File_Path Parameter
PHP remote file inclusion vulnerability in index.php in Vlad Vostrykh Voodoo chat 1.0RC1b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the file_path parameter.
network
low complexity
voc-project
7.5