Phpfreechat : Security Vulnerabilities, CVEs,
phpFreeChat 1.7 and earlier allows remote attackers to cause a denial of service by sending a large number of connect commands.
Max CVSS
7.5
EPSS Score
2.82%
Published
2018-01-25
Updated
2019-10-03
phpFreeChat 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/zilveer/style.css.php and certain other files.
Max CVSS
5.0
EPSS Score
0.38%
Published
2011-09-24
Updated
2017-08-29
Session fixation vulnerability in phpFreeChat 1.1 allows remote authenticated users to hijack web sessions by setting the session_id parameter to match the victim's nickid parameter.
Max CVSS
6.5
EPSS Score
0.30%
Published
2008-07-31
Updated
2017-08-08
3 vulnerabilities found