CVE-2007-2147
WiredPHP Chatness <2.5.3 - Info Disclosure
Title source: llmDescription
admin/options.php in Stephen Craton (aka WiredPHP) Chatness 2.5.3 and earlier does not check for administrative credentials, which allows remote attackers to read and modify the classes/vars.php and classes/varstuff.php configuration files via direct requests.
Exploits (1)
References (4)
Scores
EPSS
0.0462
EPSS Percentile
89.1%
Classification
Status
draft
Affected Products (1)
stephen_craton/chatness
< 2.5.3
Timeline
Published
Apr 19, 2007
Tracked Since
Feb 18, 2026