Filtered by vendor Livehelperchat
Subscriptions
Filtered by product Live Helper Chat
Subscriptions
Total
37 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-51398 | 1 Livehelperchat | 2 Live Helper Chat, Livehelperchat | 2025-08-07 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Facebook registration page of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter. | ||||
| CVE-2025-51403 | 1 Livehelperchat | 2 Live Helper Chat, Livehelperchat | 2025-08-07 | 6.5 Medium |
| A stored cross-site scripting (XSS) vulnerability in the department assignment editing module of of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Alias Nick parameter. | ||||
| CVE-2025-51401 | 1 Livehelperchat | 2 Live Helper Chat, Livehelperchat | 2025-08-07 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the chat transfer function of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the operator name parameter. | ||||
| CVE-2025-51400 | 1 Livehelperchat | 2 Live Helper Chat, Livehelperchat | 2025-08-07 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Personal Canned Messages of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload. | ||||
| CVE-2025-51397 | 1 Livehelperchat | 1 Live Helper Chat | 2025-08-07 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Facebook Chat module of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Surname parameter under the Recipient' Lists. | ||||
| CVE-2025-51396 | 1 Livehelperchat | 2 Live Helper Chat, Livehelperchat | 2025-08-07 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Telegram Bot Username parameter. | ||||
| CVE-2022-0394 | 1 Livehelperchat | 1 Live Helper Chat | 2025-06-09 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v. | ||||
| CVE-2024-27516 | 1 Livehelperchat | 2 Live Helper Chat, Livehelperchat | 2025-04-30 | 9.8 Critical |
| Server-Side Template Injection (SSTI) vulnerability in livehelperchat before 4.34v, allows remote attackers to execute arbitrary code and obtain sensitive information via the search parameter in lhc_web/modules/lhfaq/faqweight.php. | ||||
| CVE-2017-1000059 | 1 Livehelperchat | 1 Live Helper Chat | 2025-04-20 | N/A |
| Live Helper Chat version 2.06v and older is vulnerable to Cross-Site Scripting in the HTTP Header handling resulting in the execution of any user provided Javascript code in the session of other users. | ||||
| CVE-2022-1530 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 6.1 Medium |
| Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. The attacker can execute malicious JavaScript on the application. | ||||
| CVE-2022-1235 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 8.2 High |
| Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96. | ||||
| CVE-2022-1234 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 6.1 Medium |
| XSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3.97. This vulnerability has the potential to deface websites, result in compromised user accounts, and can run malicious code on web pages, which can lead to a compromise of the user’s device. | ||||
| CVE-2022-1213 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 8.1 High |
| SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v. An attacker could make the application perform arbitrary requests, bypass CVE-2022-1191 | ||||
| CVE-2022-1191 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 8.1 High |
| SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96. | ||||
| CVE-2022-1176 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 7.5 High |
| Loose comparison causes IDOR on multiple endpoints in GitHub repository livehelperchat/livehelperchat prior to 3.96. | ||||
| CVE-2022-0935 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 8.8 High |
| Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97. | ||||
| CVE-2022-0612 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v. | ||||
| CVE-2022-0502 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v. | ||||
| CVE-2022-0395 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v. | ||||
| CVE-2022-0375 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 4.8 Medium |
| Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v. | ||||