MidnightBSD

Advisories for topcmm_computing

CVE-2006-0223 MEDIUM

Directory traversal vulnerability in Shanghai TopCMM 123 Flash Chat Server Software 5.1 allows attackers to create or overwrite arbitrary files on the server via ".." (dot dot) sequences in the username field.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
topcmm_computing 123_flash_chat_server 5.0
topcmm_computing 123_flash_chat_server 5.1
CVE-2006-0418 HIGH

Eval injection vulnerability in 123 Flash Chat Server 5.0 and 5.1 allows attackers to execute arbitrary code via a crafted username.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
topcmm_computing 123_flash_chat_server 5.0
topcmm_computing 123_flash_chat_server 5.1