CVE-2025-9651

Name of the Vulnerable Software and Affected Versions shafhasan chatbox versions prior to 156a39cde62f78532c3265a70eda12c70907e56f

Description A vulnerability exists in shafhasan chatbox due to SQL injection. The issue is located in the /chat.php file and affects an unknown function. Manipulation of the user id argument can trigger the vulnerability. The attack can be performed remotely. The exploit has been made public.

Recommendations As a temporary workaround, consider restricting access to the /chat.php file until a fix is available. Avoid using the user id parameter in the affected file until the issue is resolved.