Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Live_helper_chat
(Livehelperchat)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 31 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-02-29 | CVE-2024-27516 | Server-Side Template Injection (SSTI) vulnerability in livehelperchat before 4.34v, allows remote attackers to execute arbitrary code and obtain sensitive information via the search parameter in lhc_web/modules/lhfaq/faqweight.php. | Live_helper_chat | N/A | ||
| 2020-10-02 | CVE-2020-26134 | Live Helper Chat before 3.44v allows stored XSS in chat messages with an operator via BBCode. | Live_helper_chat | 6.1 | ||
| 2020-10-02 | CVE-2020-26135 | Live Helper Chat before 3.44v allows reflected XSS via the setsettingajax PATH_INFO. | Live_helper_chat | 6.1 | ||
| 2021-12-07 | CVE-2021-4049 | livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | Live_helper_chat | 6.5 | ||
| 2021-12-08 | CVE-2021-4050 | livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | Live_helper_chat | 6.1 | ||
| 2021-12-16 | CVE-2021-4123 | livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | Live_helper_chat | 6.5 | ||
| 2021-12-17 | CVE-2021-4132 | livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | Live_helper_chat | 5.4 | ||
| 2021-12-18 | CVE-2021-4131 | livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | Live_helper_chat | 8.8 | ||
| 2021-12-26 | CVE-2021-4169 | livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | Live_helper_chat | 6.1 | ||
| 2021-12-28 | CVE-2021-4177 | livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information | Live_helper_chat | 5.3 |