Lionmax Software: >> Chat Anywhere Security Vulnerabilities
Chat Anywhere 2.72a stores sensitive information such as passwords in plaintext in the .INI file for a chatroom, which allows local users to gain privileges.
CVSS Score
4.6
EPSS Score
0.002
Published
2005-05-02
Chat Anywhere 2.72 and earlier allows remote attackers to hide their IP address by using %00 before the nickname, which causes the IP address to be displayed as $IP$ on the administration web page.
CVSS Score
5.0
EPSS Score
0.005
Published
2004-12-31
LionMax Software Chat Anywhere 2.72a allows remote attackers to cause a denial of service (server crash and client CPU consumption) via a username beginning with percent (%) followed by a null character.
CVSS Score
7.1
EPSS Score
0.01
Published
2004-12-31