Description
Multiple SQL injection vulnerabilities in includes/functions.php in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) password, (2) email, or (3) id parameter.
Exploits (1)
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/109829
Exploit x_refsource_misc
http://packetstormsecurity.com/files/127775/Pro-Chat-Rooms-8.2.0-XSS-Shell-Upload-SQL-Injection.html
Exploit mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2014-08/0026.html
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/34275
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/95127
Scores
EPSS
0.0089
EPSS Percentile
75.5%
Details
CWE
CWE-89
Status
published
Products (1)
prochatrooms/text_chat_rooms
8.2.0
Published
Oct 20, 2014
Tracked Since
Feb 18, 2026