Kvirc: >> Irc Client Security Vulnerabilities
The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc 3.2.0 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an (1) irc:// or (2) irc6:// URI.
CVSS Score
9.3
EPSS Score
0.027
Published
2007-06-26
Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the "Listen to !nick <soundname> requests" option enabled allows remote attackers to read arbitrary files via a .. (dot dot) in a DCC GET request.
CVSS Score
5.0
EPSS Score
0.013
Published
1999-09-24