Pro Chat Rooms Multiple Security Vulnerabilities

Pro Chat Rooms is prone to the following security vulnerabilities:

1. Multiple SQL-injection vulnerabilities
2. An HTML-injection vulnerability
3. A cross-site scripting vulnerability
4. An arbitrary-file-upload vulnerability

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, to steal cookie-based authentication credentials, to upload arbitrary file and execute code, exploit latent vulnerabilities in the underlying database or perform certain unauthorized actions and gain access to the affected application.

Pro Chat Rooms 8.2.0 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus