MidnightBSD

Advisories for cool_cafe_chat

CVE-2005-2035 HIGH

SQL injection vulnerability in login.asp for Cool Cafe (Cool Café) Chat 1.2.1 allows remote attackers to execute arbitrary SQL commands via the password.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
cool_cafe_chat cool_cafe_chat 1.2.1
CVE-2005-2036 HIGH

modifyUser.asp in Cool Cafe (Cool Café) Chat 1.2.1 allows remote attackers to obtain the administrator password and email address via a modified nickname value.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-200,

Products Affected

Vendor Product Version
cool_cafe_chat cool_cafe_chat 1.2.1