Code Projects Chat System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Code Projects Chat System.
By the Year
In 2025 there have been 11 vulnerabilities in Code Projects Chat System with an average score of 8.1 out of ten. Last year, in 2024 Chat System had 5 security vulnerabilities published. That is, 6 more vulnerabilities have already been reported in 2025 as compared to last year. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.71.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 11 | 8.09 |
| 2024 | 5 | 7.38 |
It may take a day or so for new Chat System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Code Projects Chat System Security Vulnerabilities
Chat System 1.0 - SQLi via musername in update_account.php (critical)
CVE-2025-7511
6.5 - Medium
- July 13, 2025
A vulnerability was found in code-projects Chat System 1.0 and classified as critical. This issue affects some unknown processing of the file /user/update_account.php. The manipulation of the argument musername leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Code-Projects Chat System 1.0: SQLi via /user/send_message.php (Remote)
CVE-2025-7189
8.8 - High
- July 08, 2025
A vulnerability, which was classified as critical, has been found in code-projects Chat System 1.0. Affected by this issue is some unknown functionality of the file /user/send_message.php. The manipulation of the argument msg leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Code-Projects Chat System 1.0 Sqli in /user/addmember.php via ID
CVE-2025-7188
8.8 - High
- July 08, 2025
A vulnerability classified as critical was found in code-projects Chat System 1.0. Affected by this vulnerability is an unknown functionality of the file /user/addmember.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi in code-projects Chat System 1.0 /user/fetch_member.php ID param
CVE-2025-7187
8.8 - High
- July 08, 2025
A vulnerability classified as critical has been found in code-projects Chat System 1.0. Affected is an unknown function of the file /user/fetch_member.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
CVE-2025-7186: Code-Projects Chat 1.0 SQLi via /user/fetch_chat.php
CVE-2025-7186
8.8 - High
- July 08, 2025
A vulnerability was found in code-projects Chat System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /user/fetch_chat.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
code-projects Chat System <1.0: Remote SQLi via /user/confirm_password.php
CVE-2025-5881
9.8 - Critical
- June 09, 2025
A vulnerability was found in code-projects Chat System up to 1.0 and classified as critical. This issue affects some unknown processing of the file /user/confirm_password.php. The manipulation of the argument cid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi in Chat System 1.0 via /user/add_chatroom.php (Critical)
CVE-2025-0967
7.5 - High
- February 02, 2025
A vulnerability was found in code-projects Chat System 1.0 and classified as critical. This issue affects some unknown processing of the file /user/add_chatroom.php. The manipulation of the argument chatname/chatpass leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Critical SQLi in code-projects Chat System /user/addnewmember.php (<=1.0)
CVE-2025-0882
7.5 - High
- January 30, 2025
A vulnerability was found in code-projects Chat System up to 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /user/addnewmember.php. The manipulation of the argument user leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Code-Projects Chat System 1.0 /user/leaveroom.php SQLi via id (remote)
CVE-2025-0531
7.5 - High
- January 17, 2025
A vulnerability was found in code-projects Chat System 1.0 and classified as critical. This issue affects some unknown processing of the file /user/leaveroom.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi via id in /admin/deleteroom.php, code-projects Chat Sys 1.0
CVE-2025-0172
7.5 - High
- January 02, 2025
A vulnerability has been found in code-projects Chat System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/deleteroom.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi in code-projects Chat System 1.0 /admin/deleteuser.php via id
CVE-2025-0171
7.5 - High
- January 02, 2025
A vulnerability, which was classified as critical, was found in code-projects Chat System 1.0. Affected is an unknown function of the file /admin/deleteuser.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Chat System SQL Injection Vulnerability in User Update Functionality
CVE-2024-13035
9.8 - Critical
- December 30, 2024
A vulnerability has been found in code-projects Chat System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/update_user.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Chat System 1.0: Cross-Site Scripting (XSS) in update_user.php
CVE-2024-13034
7.6 - High
- December 30, 2024
A vulnerability, which was classified as problematic, was found in code-projects Chat System 1.0. This affects an unknown part of the file /admin/update_user.php. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
XSS
Cross-Site Scripting (XSS) Vulnerability in Chat System Admin Chatroom
CVE-2024-13033
6.1 - Medium
- December 30, 2024
A vulnerability, which was classified as problematic, has been found in code-projects Chat System 1.0. Affected by this issue is some unknown functionality of the file /admin/chatroom.php. The manipulation of the argument id leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
XSS
Chat System SQL Injection Vulnerability in chatroom.php
CVE-2024-13020
8.8 - High
- December 29, 2024
A vulnerability classified as critical was found in code-projects Chat System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/chatroom.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Chat System: Cross-Site Scripting in Chat Room Page
CVE-2024-13019
4.6 - Medium
- December 29, 2024
A vulnerability classified as problematic has been found in code-projects Chat System 1.0. Affected is an unknown function of the file /admin/update_room.php of the component Chat Room Page. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attack remotely.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Code Projects Chat System or by Code Projects? Click the Watch button to subscribe.
