X7 Group : Security Vulnerabilities, CVEs, CVSS score >= 7
SQL injection vulnerability in the login page in X7 Chat 2.0.5 allows remote attackers to execute arbitrary SQL commands via the password field.
Max CVSS
7.5
EPSS Score
0.06%
Published
2009-08-13
Updated
2017-09-29
Directory traversal vulnerability in help/mini.php in X7 Chat 2.0.1 A1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the help_file parameter, a different vector than CVE-2006-2156.
Max CVSS
7.5
EPSS Score
1.99%
Published
2008-10-23
Updated
2017-09-29
SQL injection vulnerability in upgradev1.php in X7 Chat 2.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the old_prefix parameter.
Max CVSS
7.5
EPSS Score
0.23%
Published
2006-07-25
Updated
2017-10-19
3 vulnerabilities found