CVE-2020-37151 | Ciprianmp phpMyChat Plus 1.98 deluser.php pmc_username sql injection (Exploit 48066)

Inserito da Angelo Barbosa | Feb 5, 2026 | CVE

A vulnerability was found in Ciprianmp phpMyChat Plus 1.98. It has been declared as critical. The affected element is an unknown function of the file deluser.php. Such manipulation of the argument pmc_username leads to sql injection.

This vulnerability is traded as CVE-2020-37151. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2020-37151 | Ciprianmp phpMyChat Plus 1.98 deluser.php pmc_username sql injection (Exploit 48066)

Post correlati

CVE-2026-25541 | tokio-rs bytes up to 1.11.0 spare_capacity_mut integer overflow to buffer overflow (GHSA-434x-w66g-qw3r)

CVE-2025-5303 | LTL Freight Quotes Plugin up to 1.0.11/2.1.10/2.2.6 on WordPress expiry_date cross site scripting

CVE-2024-1076 | SSL Zen Plugin up to 4.5.x on WordPress access control

CVE-2024-20327 | Cisco IOS XR on ASR 9000 PPPoE denial of service (cisco-sa-iosxr-pppma-JKWFgneW)