ciprianmp CVE Vulnerabilities & Metrics

Focus on ciprianmp vulnerabilities and metrics.

Last updated: 08 Mar 2026, 23:25 UTC

About ciprianmp Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with ciprianmp. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total ciprianmp CVEs: 3
Earliest CVE date: 20 Dec 2019, 13:15 UTC
Latest CVE date: 05 Feb 2026, 16:15 UTC

Latest CVE reference: CVE-2020-37151

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 1

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): -100.0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): -100.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical ciprianmp CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 3.57

Max CVSS: 6.4

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	1
4.0-6.9	2
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS ciprianmp CVEs

These are the five CVEs with the highest CVSS scores for ciprianmp, sorted by severity first and recency.

CVE-2020-9265 ciprianmp Published on 18 Feb 2020, 19:15 UTC (CVSS: 6.4)
phpMyChat-Plus 1.98 is vulnerable to multiple SQL injections against the deluser.php Delete User functionality, as demonstrated by pmc_username.
CVE-2019-19908 ciprianmp Published on 20 Dec 2019, 13:15 UTC (CVSS: 4.3)
phpMyChat-Plus 1.98 is vulnerable to reflected XSS via JavaScript injection into the password reset URL. In the URL, the pmc_username parameter to pass_reset.php is vulnerable.
CVE-2020-37151 ciprianmp Published on 05 Feb 2026, 16:15 UTC (CVSS: 0)
phpMyChat Plus 1.98 contains a SQL injection vulnerability in the deluser.php page through the pmc_username parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, and time-based blind SQL injection techniques to extract sensitive database information by crafting malicious payloads in the username field.

All CVEs for ciprianmp

CVE-2020-37151 ciprianmp vulnerability CVSS: 0 05 Feb 2026, 16:15 UTC

phpMyChat Plus 1.98 contains a SQL injection vulnerability in the deluser.php page through the pmc_username parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, and time-based blind SQL injection techniques to extract sensitive database information by crafting malicious payloads in the username field.

CVE-2020-9265 ciprianmp vulnerability CVSS: 6.4 18 Feb 2020, 19:15 UTC

phpMyChat-Plus 1.98 is vulnerable to multiple SQL injections against the deluser.php Delete User functionality, as demonstrated by pmc_username.

CVE-2019-19908 ciprianmp vulnerability CVSS: 4.3 20 Dec 2019, 13:15 UTC

phpMyChat-Plus 1.98 is vulnerable to reflected XSS via JavaScript injection into the password reset URL. In the URL, the pmc_username parameter to pass_reset.php is vulnerable.