Filtered by vendor Livehelperchat Subscriptions
Filtered by product Live Helper Chat Subscriptions
Total 30 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2017-1000059 1 Livehelperchat 1 Live Helper Chat 2024-08-05 N/A
Live Helper Chat version 2.06v and older is vulnerable to Cross-Site Scripting in the HTTP Header handling resulting in the execution of any user provided Javascript code in the session of other users.
CVE-2020-26134 1 Livehelperchat 1 Live Helper Chat 2024-08-04 6.1 Medium
Live Helper Chat before 3.44v allows stored XSS in chat messages with an operator via BBCode.
CVE-2020-26135 1 Livehelperchat 1 Live Helper Chat 2024-08-04 6.1 Medium
Live Helper Chat before 3.44v allows reflected XSS via the setsettingajax PATH_INFO.
CVE-2021-4177 1 Livehelperchat 1 Live Helper Chat 2024-08-03 5.3 Medium
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information
CVE-2021-4179 1 Livehelperchat 1 Live Helper Chat 2024-08-03 5.4 Medium
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-4175 1 Livehelperchat 1 Live Helper Chat 2024-08-03 5.4 Medium
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-4176 1 Livehelperchat 1 Live Helper Chat 2024-08-03 6.1 Medium
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-4169 1 Livehelperchat 1 Live Helper Chat 2024-08-03 6.1 Medium
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-4132 1 Livehelperchat 1 Live Helper Chat 2024-08-03 5.4 Medium
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-4123 1 Livehelperchat 1 Live Helper Chat 2024-08-03 6.5 Medium
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-4131 1 Livehelperchat 1 Live Helper Chat 2024-08-03 8.8 High
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-4050 1 Livehelperchat 1 Live Helper Chat 2024-08-03 6.1 Medium
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-4049 1 Livehelperchat 1 Live Helper Chat 2024-08-03 6.5 Medium
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2022-1530 1 Livehelperchat 1 Live Helper Chat 2024-08-03 6.1 Medium
Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. The attacker can execute malicious JavaScript on the application.
CVE-2022-1191 1 Livehelperchat 1 Live Helper Chat 2024-08-02 8.1 High
SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96.
CVE-2022-1235 1 Livehelperchat 1 Live Helper Chat 2024-08-02 8.2 High
Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96.
CVE-2022-1234 1 Livehelperchat 1 Live Helper Chat 2024-08-02 6.1 Medium
XSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3.97. This vulnerability has the potential to deface websites, result in compromised user accounts, and can run malicious code on web pages, which can lead to a compromise of the user’s device.
CVE-2022-1176 1 Livehelperchat 1 Live Helper Chat 2024-08-02 7.5 High
Loose comparison causes IDOR on multiple endpoints in GitHub repository livehelperchat/livehelperchat prior to 3.96.
CVE-2022-1213 1 Livehelperchat 1 Live Helper Chat 2024-08-02 8.1 High
SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v. An attacker could make the application perform arbitrary requests, bypass CVE-2022-1191
CVE-2022-0935 1 Livehelperchat 1 Live Helper Chat 2024-08-02 8.8 High
Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97.