Filtered by vendor Livehelperchat
Subscriptions
Total
35 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-1000059 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-05 | N/A |
| Live Helper Chat version 2.06v and older is vulnerable to Cross-Site Scripting in the HTTP Header handling resulting in the execution of any user provided Javascript code in the session of other users. | ||||
| CVE-2020-26134 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-04 | 6.1 Medium |
| Live Helper Chat before 3.44v allows stored XSS in chat messages with an operator via BBCode. | ||||
| CVE-2020-26135 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-04 | 6.1 Medium |
| Live Helper Chat before 3.44v allows reflected XSS via the setsettingajax PATH_INFO. | ||||
| CVE-2021-4177 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-03 | 5.3 Medium |
| livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information | ||||
| CVE-2021-4179 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-03 | 5.4 Medium |
| livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||||
| CVE-2021-4175 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-03 | 5.4 Medium |
| livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||||
| CVE-2021-4176 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-03 | 6.1 Medium |
| livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||||
| CVE-2021-4169 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-03 | 6.1 Medium |
| livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||||
| CVE-2021-4132 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-03 | 5.4 Medium |
| livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||||
| CVE-2021-4123 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-03 | 6.5 Medium |
| livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4131 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-03 | 8.8 High |
| livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4050 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-03 | 6.1 Medium |
| livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||||
| CVE-2021-4049 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-03 | 6.5 Medium |
| livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2022-1530 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-03 | 6.1 Medium |
| Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. The attacker can execute malicious JavaScript on the application. | ||||
| CVE-2022-1191 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-02 | 8.1 High |
| SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96. | ||||
| CVE-2022-1235 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-02 | 8.2 High |
| Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96. | ||||
| CVE-2022-1234 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-02 | 6.1 Medium |
| XSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3.97. This vulnerability has the potential to deface websites, result in compromised user accounts, and can run malicious code on web pages, which can lead to a compromise of the user’s device. | ||||
| CVE-2022-1176 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-02 | 7.5 High |
| Loose comparison causes IDOR on multiple endpoints in GitHub repository livehelperchat/livehelperchat prior to 3.96. | ||||
| CVE-2022-1213 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-02 | 8.1 High |
| SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v. An attacker could make the application perform arbitrary requests, bypass CVE-2022-1191 | ||||
| CVE-2022-0935 | 1 Livehelperchat | 1 Live Helper Chat | 2024-08-02 | 8.8 High |
| Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97. | ||||