Vulnerabilities (CVE)

Filtered by vendor Lionmax Software Subscribe
Filtered by product Chat Anywhere
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-0522 1 Lionmax Software 1 Chat Anywhere 2024-11-20 4.6 MEDIUM N/A
Chat Anywhere 2.72a stores sensitive information such as passwords in plaintext in the .INI file for a chatroom, which allows local users to gain privileges.
CVE-2004-2724 1 Lionmax Software 1 Chat Anywhere 2024-11-20 7.1 HIGH N/A
LionMax Software Chat Anywhere 2.72a allows remote attackers to cause a denial of service (server crash and client CPU consumption) via a username beginning with percent (%) followed by a null character.
CVE-2004-1802 1 Lionmax Software 1 Chat Anywhere 2024-11-20 5.0 MEDIUM N/A
Chat Anywhere 2.72 and earlier allows remote attackers to hide their IP address by using %00 before the nickname, which causes the IP address to be displayed as $IP$ on the administration web page.