Total
30 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-1530 | 1 Livehelperchat | 1 Live Helper Chat | 2022-05-12 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. The attacker can execute malicious JavaScript on the application. | |||||
CVE-2022-0935 | 1 Livehelperchat | 1 Live Helper Chat | 2022-04-14 | 6.8 MEDIUM | 8.8 HIGH |
Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97. | |||||
CVE-2022-1213 | 1 Livehelperchat | 1 Live Helper Chat | 2022-04-13 | 5.5 MEDIUM | 8.1 HIGH |
SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v. An attacker could make the application perform arbitrary requests, bypass CVE-2022-1191 | |||||
CVE-2022-1235 | 1 Livehelperchat | 1 Live Helper Chat | 2022-04-13 | 6.4 MEDIUM | 8.2 HIGH |
Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96. | |||||
CVE-2022-1234 | 1 Livehelperchat | 1 Live Helper Chat | 2022-04-13 | 4.3 MEDIUM | 6.1 MEDIUM |
XSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3.97. This vulnerability has the potential to deface websites, result in compromised user accounts, and can run malicious code on web pages, which can lead to a compromise of the user’s device. | |||||
CVE-2022-1176 | 1 Livehelperchat | 1 Live Helper Chat | 2022-04-07 | 5.0 MEDIUM | 7.5 HIGH |
Loose comparison causes IDOR on multiple endpoints in GitHub repository livehelperchat/livehelperchat prior to 3.96. | |||||
CVE-2022-1191 | 1 Livehelperchat | 1 Live Helper Chat | 2022-04-07 | 5.5 MEDIUM | 8.1 HIGH |
SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96. | |||||
CVE-2022-0394 | 1 Livehelperchat | 1 Live Helper Chat | 2022-03-04 | 3.5 LOW | 5.4 MEDIUM |
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v. | |||||
CVE-2022-0395 | 1 Livehelperchat | 1 Live Helper Chat | 2022-03-01 | 3.5 LOW | 5.4 MEDIUM |
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v. | |||||
CVE-2022-0612 | 1 Livehelperchat | 1 Live Helper Chat | 2022-02-23 | 3.5 LOW | 5.4 MEDIUM |
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v. | |||||
CVE-2022-0502 | 1 Livehelperchat | 1 Live Helper Chat | 2022-02-10 | 3.5 LOW | 5.4 MEDIUM |
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v. | |||||
CVE-2022-0374 | 1 Livehelperchat | 1 Live Helper Chat | 2022-02-01 | 3.5 LOW | 5.4 MEDIUM |
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v. | |||||
CVE-2022-0375 | 1 Livehelperchat | 1 Live Helper Chat | 2022-02-01 | 3.5 LOW | 4.8 MEDIUM |
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v. | |||||
CVE-2022-0266 | 1 Livehelperchat | 1 Live Helper Chat | 2022-01-25 | 6.0 MEDIUM | 6.6 MEDIUM |
Authorization Bypass Through User-Controlled Key in Packagist remdex/livehelperchat prior to 3.92v. | |||||
CVE-2022-0231 | 1 Livehelperchat | 1 Live Helper Chat | 2022-01-21 | 4.3 MEDIUM | 6.5 MEDIUM |
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
CVE-2022-0226 | 1 Livehelperchat | 1 Live Helper Chat | 2022-01-20 | 4.3 MEDIUM | 4.3 MEDIUM |
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
CVE-2022-0083 | 1 Livehelperchat | 1 Live Helper Chat | 2022-01-11 | 5.0 MEDIUM | 5.3 MEDIUM |
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information | |||||
CVE-2021-4175 | 1 Livehelperchat | 1 Live Helper Chat | 2022-01-06 | 3.5 LOW | 5.4 MEDIUM |
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
CVE-2021-4176 | 1 Livehelperchat | 1 Live Helper Chat | 2022-01-06 | 4.3 MEDIUM | 6.1 MEDIUM |
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
CVE-2021-4179 | 1 Livehelperchat | 1 Live Helper Chat | 2022-01-06 | 3.5 LOW | 5.4 MEDIUM |
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |