Vulnerabilities (CVE)

Filtered by vendor Phpfreechat Subscribe
Filtered by product Phpfreechat
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-5954 1 Phpfreechat 1 Phpfreechat 2024-02-04 5.0 MEDIUM 7.5 HIGH
phpFreeChat 1.7 and earlier allows remote attackers to cause a denial of service by sending a large number of connect commands.
CVE-2011-3777 1 Phpfreechat 1 Phpfreechat 2024-02-04 5.0 MEDIUM N/A
phpFreeChat 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/zilveer/style.css.php and certain other files.
CVE-2008-3428 1 Phpfreechat 1 Phpfreechat 2024-02-04 6.5 MEDIUM N/A
Session fixation vulnerability in phpFreeChat 1.1 allows remote authenticated users to hijack web sessions by setting the session_id parameter to match the victim's nickid parameter.