Joompolitan: >> Com Livechat >> 1.0 Security Vulnerabilities
SQL injection vulnerability in the Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the last parameter to getChatRoom.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Score
7.5
EPSS Score
0.005
Published
2009-07-30
Multiple SQL injection vulnerabilities in the Live Chat (com_livechat) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the last parameter to (1) getChat.php, (2) getChatRoom.php, and (3) getSavedChatRooms.php.
CVSS Score
7.5
EPSS Score
0.004
Published
2009-07-30
Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to use the xmlhttp.php script as an open HTTP proxy to hide network scanning activities or scan internal networks via a GET request with a full URL in the query string.
CVSS Score
7.5
EPSS Score
0.015
Published
2009-07-30