Ciprianmp Phpmychat-plus — known CVE vulnerabilities
Every CVE whose affected-product data names Ciprianmp Phpmychat-plus, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2020-37151 — CVSS 8.2 (high): phpMyChat Plus 1.98 contains a SQL injection vulnerability in the deluser.php page through the pmc_username parameter that allows attackers…
CVE-2020-9265 — CVSS 8.2 (high): phpMyChat-Plus 1.98 is vulnerable to multiple SQL injections against the deluser.php Delete User functionality, as demonstrated by…
CVE-2019-19908 — CVSS 6.1 (medium): phpMyChat-Plus 1.98 is vulnerable to reflected XSS via JavaScript injection into the password reset URL. In the URL, the pmc_username…