CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Scott Weedon: >> Ajax Chat Security Vulnerabilities

CVE-2006-3971

Cross-site scripting (XSS) vulnerability in visitor/livesupport/chat.php in Scott Weedon Ajax Chat, possibly 0.1, allows remote attackers to inject arbitrary web script or HTML via the userid parameter.

CVSS Score

6.8

EPSS Score

0.017

Published

2006-08-02

CVE-2006-3972

Directory traversal vulnerability in includes/operator_chattranscript.php in Scott Weedon Ajax Chat, possibly 0.1, allows remote attackers to read arbitrary files via a .. (dot dot) in the chatid parameter.

CVSS Score

5.0

EPSS Score

0.05

Published

2006-08-02

Page 1

Vulnerabilities

Vulnerable Software

Scott Weedon: >> Ajax Chat Security Vulnerabilities

Products

Pricing

Contact Us