Kvirc » Irc Client : Security Vulnerabilities, CVEs,
The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc 3.2.0 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an (1) irc:// or (2) irc6:// URI.
Max CVSS
9.3
EPSS Score
1.54%
Published
2007-06-26
Updated
2018-10-16
Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the "Listen to !nick <soundname> requests" option enabled allows remote attackers to read arbitrary files via a .. (dot dot) in a DCC GET request.
Max CVSS
5.0
EPSS Score
2.18%
Published
1999-09-24
Updated
2016-10-18
2 vulnerabilities found