Back to CVE Browser

CVE-2007-2149

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1130%

EPSS Percentile14.39th

PublishedApr 19, 2007

Last ModifiedApr 23, 2026

Vulnerability Description

Stephen Craton (aka WiredPHP) Chatness 2.5.3 and earlier stores usernames and unencrypted passwords in (1) classes/vars.php and (2) classes/varstuff.php, and recommends 0666 or 0777 permissions for these files, which allows local users to gain privileges by reading the files, and allows remote attackers to obtain credentials via a direct request for admin/options.php.

Affected Platforms (CPE)

📦

Stephen Craton

Chatness

<= 2.5.3

References & Advisories

🔗 http://secunia.com/advisories/24873

🔗 http://securityreason.com/securityalert/2595

🔗 http://www.securityfocus.com/archive/1/465547/100/0/threaded

🔗 http://www.vupen.com/english/advisories/2007/1386

🔗 http://secunia.com/advisories/24873

🔗 http://securityreason.com/securityalert/2595

🔗 http://www.securityfocus.com/archive/1/465547/100/0/threaded

🔗 http://www.vupen.com/english/advisories/2007/1386

Related Vulnerabilities

CVE-2007-095410.0

MOHA Chat 0.1b7 and earlier does not require authentication for use of the plug in API, which has unknown impact and attack vector...

CVE-2007-139410.0

Direct static code injection vulnerability in startsession.php in Flat Chat 2.0 allows remote attackers to execute arbitrary PHP c...

CVE-2006-703610.0

PHP remote file inclusion vulnerability in register.php for Andys Chat 4.5 allows remote attackers to execute arbitrary code via t...

CVE-2007-214710.0

admin/options.php in Stephen Craton (aka WiredPHP) Chatness 2.5.3 and earlier does not check for administrative credentials, which...