Role Filter Bypass in FlashChat 5.0.8 by FlashChat
CVE-2008-6799

Currently unrated

Key Information:

Vendor

Tufat

Status
Flashchat
Vendor
CVE Published:
7 May 2009

What is CVE-2008-6799?

The FlashChat software version 5.0.8 contains a security bypass vulnerability in its connection.php file. This flaw allows remote attackers to circumvent the role filter mechanism by manipulating the s parameter, enabling them to obtain administrative privileges unlawfully. As a result, unauthorized users can execute actions that should be restricted, posing significant risks to the integrity and security of the affected system.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/45974
vdb-entryx_refsource_XF
http://www.osvdb.org/49337
vdb-entryx_refsource_OSVDB
http://www.securityfocus.com/bid/31800
vdb-entryx_refsource_BID

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.