Sky Gunning: >> Myspeach >> 2.1_beta Security Vulnerabilities
Directory traversal vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) and trailing %00 (NULL) in a my_ms[root] cookie.
CVSS Score
5.8
EPSS Score
0.041
Published
2007-04-09
PHP remote file inclusion vulnerability in up.php in MySpeach 2.1 beta and possibly earlier allows remote attackers to execute arbitrary PHP code via a URL in the my[root] parameter.
CVSS Score
7.5
EPSS Score
0.054
Published
2007-01-25