VULHUB ™

VChat fails to protect chat session logs from being disclosed to remote users. A remote web-based attacker may request the chat session logs, which are stored in an ordinary text file in a web-accessible directory in the default installation.

VChat fails to protect chat session logs from being disclosed to remote users. A remote web-based attacker may request the chat session logs, which are stored in an ordinary text file in a web-accessible directory in the default installation.