CVE Catalog
CVE-2026-36227
MediumCVSS 6.5Exploitation Probability (EPSS)
Elevated risk0.87%
54th percentile - higher than 54% of all known CVEs
Summary
A Directory Traversal vulnerability in Easy Chat Server 3.1 allows a remote attacker to read sensitive information and execute arbitrary code via the UserName parameter.
Risk Assessment
An attacker can access confidential server files and take control of the server, leading to data leakage and potential full system compromise.
Recommendation
Immediately update Easy Chat Server to the latest version or apply a security patch, and restrict server access to trusted users only.
Original NVD description (English source)
Directory Traversal vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the UserName parameter

