Innue Business Live Chat version 2.5 suffers from an ignored default credential vulnerability.
69cf2bb9bb7d7ff376d99fe228145e43a3757fab2416d6aff6f75b372ddf2d3a
The PHP-Nuke SPChat module suffers from a remote SQL injection vulnerability.
14d0b239510c309eddbbd0586fe94652664ad4c1fb08378c6106930c7362e0f2
Ubuntu Security Notice 1500-1 - Evgeny Boger discovered that Pidgin incorrectly handled buddy list messages in the AIM and ICQ protocol handlers. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS, 11.04 and 11.10. Thijs Alkemade discovered that Pidgin incorrectly handled malformed voice and video chat requests in the XMPP protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS, 11.04 and 11.10. Various other issues were also addressed.
a749885c45d3ed6a82077ecb3953f73e5275c512532f5583f18a44f27c49d270
Secunia Security Advisory - Avatar Fearless has discovered multiple vulnerabilities in ElfChat, which can be exploited by malicious people to conduct cross-site scripting attacks.
cf5a095ed988a546635cbcfa4649ea6533f3c48fc64f4db515e56522a032aa30
ElfChat version 5.1.2 Pro suffers from a cross site scripting vulnerability.
5dbc0c25c91ac9c248972741c037874ae862593c456258d1c27f34c121b8cf11
Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the PHPFreeChat plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
4e4dfae1d2d31df99da08a5522d54b24e7199f00899121c3fbf42eae6c3ca680
Et-Chat suffers from a remote shell upload vulnerability.
100b8db07a84fe489748fff77bde93e3612fda58e037f468f994d4f3d635662a
Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the FCChat Widget plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.
2e5b6d88847e0785ea3b1281d6e452a679395e70acf21f73b8081c377785b917
WordPress FCChat Widget plugin versions 2.2.12.2 through 2.2.13.1 suffer from a remote shell upload vulnerability.
0638063cb46b9dac5fd57097067cad9c433262ac71905a4d3738d4c5b7a06be2
This Metasploit module exploits an arbitrary code injection vulnerability in the chat module that is part of Active Collab by abusing a preg_replace() using the /e modifier and its replacement string using double quotes. The vulnerable function can be found in activecollab/application/modules/chat/functions/html_to_text.php.
dc407149c6ca0f8de287ff88144c5d975efe9da8376d1ec83d0a3d2bd4d18f90
Secunia Security Advisory - A vulnerability has been reported in the Chat module for activeCollab, which can be exploited by malicious users to compromise a vulnerable system.
dc888c875c658097172c3ced9c72cdeb7bdc5c67bc60cf3137de7b095d807a71
X7 Chat versions 2.0.5.1 and below suffer from a cross site request forgery vulnerability.
5a6c30045da825b60c8631b4e54c65d985928c2498b1dc1768c3aaa8458e6b85
Secunia Security Advisory - Sony has discovered a vulnerability in ChatBlazer Enterprise Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
f80dfb9eddfd212b083444d042d269df2d66cb46ecc742330ebb96ff8e0681b5
ChatBlazer Flash Chat suffers from a cross site scripting vulnerability.
2863706204b0d4e44dce1eef5246375180b128da4fdfce31ea95394d82592837
Fastpath WebChat version 4.0.0 suffers from a cross site scripting vulnerability.
48d7320613198772764d8b98bc017da1932c860245b0954fdaf10d283d0b0154
Secunia Security Advisory - A vulnerability has been discovered in the Chat plugin for Seditio, which can be exploited by malicious people to conduct cross-site request forgery attacks.
5d73b3436b317dc5761f2b1484ec021a70feca8fa9b9ffa9fb69aed1fb8e865d
Seditio Chat plugin version 1.0 suffers from a cross site request forgery vulnerability.
06d094015e904ce08e8240eb9c7df829c02e6115b618f94827052ea9bfa99a16
CarChat24 suffers from an html injection vulnerability.
034cc0a55ddf46e6da56c8a8b8d30610d0bd8b303e41c6c779c469b72389f141
Mandriva Linux Security Advisory 2012-029 - The pidgin_conv_chat_rename_user function in gtkconv.c in Pidgin before 2.10.2 allows remote attackers to cause a denial of service by changing a nickname while in an XMPP chat room. The msn_oim_report_to_user function in oim.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.2 allows remote servers to cause a denial of service via an OIM message that lacks UTF-8 encoding. This update provides pidgin 2.10.2, which is not vulnerable to these issues.
37f419c48c8228cd782abfdb04b3b0eab3d820556f4c26443a5a2a7c6987a8ab
ProvideChat suffers from a cross site scripting vulnerability.
560eb03b5be80d8267f94b5b511f7b59bcc3b0bcb60d480f28fbe927d7798e23
Volusion Chat suffers from a cross site scripting vulnerability.
270904e7e12f13596a1278f3d5039ba28bbf74c51d5ac4e023c842bd92bdc64a
AliveChat suffers from a cross site scripting vulnerability.
3ba907a2a1ddde8f9eeafe44610f701ec4c866da849c021d82239b377383029d
LiveHelpNow Chat suffers from a cross site scripting vulnerability.
c7da3d8a255a228bb5781872e2a24647b4693cab9c65d38e7ff8f7577d6f656e
P-Chat version 0.9 suffers from a cross site scripting vulnerability.
e2f7ec196b46b488f6a7f3fb0e8fa423c504ca6ef2d19bf25cc64f1c992e5884
Red Hat Security Advisory 2012-0141-01 - SeaMonkey is an open source web browser, e-mail and newsgroup client, IRC chat client, and HTML editor. A heap-based buffer overflow flaw was found in the way SeaMonkey handled PNG images. A web page containing a malicious PNG image could cause SeaMonkey to crash or, possibly, execute arbitrary code with the privileges of the user running SeaMonkey. All SeaMonkey users should upgrade to these updated packages, which correct this issue. After installing the update, SeaMonkey must be restarted for the changes to take effect.
f1267c41db6a862799ec7a24f82bdf3f9e615c43178f198aa66dbb317e17b034
Even if a user has their security settings with no history enabled, Skype 5.x.x fails to securely remove chat messages stored in the sqlite3 database.
71d5feb9cc956c726042c458e08a52e135cac25deae5200ce474ea31c5489a36