Skip to main content

Easy Chat Server

8 CVEs product

Monthly

CVE-2024-0695 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in EFS Easy Chat Server 3.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Easy Chat Server
NVD VulDB
CVSS 3.1
5.3
EPSS
1.0%
CVE-2023-4497 MEDIUM This Month

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /registresult.htm (POST. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Easy Chat Server
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-4496 MEDIUM This Month

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /body2.ghp (POST method), in. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Easy Chat Server
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-4495 MEDIUM This Month

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /registresult.htm (POST. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Easy Chat Server
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-4494 CRITICAL Act Now

Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Easy Chat Server
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2017-9557 HIGH POC This Week

register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to discover passwords by sending the username parameter in conjunction with an empty password parameter, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Easy Chat Server
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2017-9544 CRITICAL POC THREAT Emergency

There is a remote stack-based buffer overflow (SEH) in register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 79.6%.

Buffer Overflow Memory Corruption RCE Easy Chat Server
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
79.6%
Threat
5.8
CVE-2017-9543 HIGH POC This Week

register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to reset arbitrary passwords via a crafted POST request to registresult.htm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Easy Chat Server
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.2%
EPSS 1% CVSS 5.3
MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in EFS Easy Chat Server 3.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Easy Chat Server
NVD VulDB
EPSS 0% CVSS 6.1
MEDIUM This Month

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /registresult.htm (POST. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Easy Chat Server
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /body2.ghp (POST method), in. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Easy Chat Server
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /registresult.htm (POST. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Easy Chat Server
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Easy Chat Server
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to discover passwords by sending the username parameter in conjunction with an empty password parameter, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Easy Chat Server
NVD Exploit-DB
EPSS 80% 5.8 CVSS 9.8
CRITICAL POC THREAT Emergency

There is a remote stack-based buffer overflow (SEH) in register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 79.6%.

Buffer Overflow Memory Corruption RCE +1
NVD Exploit-DB
EPSS 0% CVSS 7.5
HIGH POC This Week

register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to reset arbitrary passwords via a crafted POST request to registresult.htm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Easy Chat Server
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy