123 Flash Chat is prone to multiple security vulnerabilities. These vulnerabilities include a cross-site scripting vulnerability, multiple information-disclosure vulnerabilities, and a directory-traversal vulnerability. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, obtain sensitive information, or perform unauthorized actions. Other attacks are also possible. 123 Flash Chat 7.8 is vulnerable other versions may also be affected.
- Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities
- Andy's PHP Knowledgebase Multiple Cross-Site Scripting Vulnerabilities
- APC PowerChute Network Shutdown 'security/applet' Cross Site Scripting Vulnerability
- Andromeda Streaming MP3 Server Cross Site Scripting Vulnerability
- Apache Tomcat SecurityConstraints Security Bypass Vulnerability