Vulnerabilities (CVE)

Filtered by vendor Echatserver Subscribe
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-44939 1 Echatserver 1 Easy Chat Server 2024-11-21 N/A 7.8 HIGH
Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL.
CVE-2019-20502 1 Echatserver 1 Easy Chat Server 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in EFS Easy Chat Server 3.1. There is a buffer overflow via a long body2.ghp message parameter.
CVE-2017-9557 1 Echatserver 1 Easy Chat Server 2024-11-21 5.0 MEDIUM 7.5 HIGH
register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to discover passwords by sending the username parameter in conjunction with an empty password parameter, and reading the HTML source code of the response.
CVE-2017-9544 1 Echatserver 1 Easy Chat Server 2024-11-21 7.5 HIGH 9.8 CRITICAL
There is a remote stack-based buffer overflow (SEH) in register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1. By sending an overly long username string to registresult.htm for registering the user, an attacker may be able to execute arbitrary code.
CVE-2017-9543 1 Echatserver 1 Easy Chat Server 2024-11-21 5.0 MEDIUM 7.5 HIGH
register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to reset arbitrary passwords via a crafted POST request to registresult.htm.