Filtered by vendor Ciprianmp
Subscriptions
Filtered by product Phpmychat-plus
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-19908 | 1 Ciprianmp | 1 Phpmychat-plus | 2024-08-05 | 6.1 Medium |
phpMyChat-Plus 1.98 is vulnerable to reflected XSS via JavaScript injection into the password reset URL. In the URL, the pmc_username parameter to pass_reset.php is vulnerable. | ||||
CVE-2020-9265 | 1 Ciprianmp | 1 Phpmychat-plus | 2024-08-04 | 8.2 High |
phpMyChat-Plus 1.98 is vulnerable to multiple SQL injections against the deluser.php Delete User functionality, as demonstrated by pmc_username. |
Page 1 of 1.