VYPR

Packagist (Composer) package

remdex/livehelperchat

pkg:composer/remdex/livehelperchat

Vulnerabilities (23)

  • CVE-2024-27516Feb 28, 2024
    affected < 4.29fixed 4.29

    Server-Side Template Injection (SSTI) vulnerability in livehelperchat before 4.34v, allows remote attackers to execute arbitrary code and obtain sensitive information via the search parameter in lhc_web/modules/lhfaq/faqweight.php.

  • CVE-2022-1530Apr 29, 2022
    affected < 3.99fixed 3.99

    Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. The attacker can execute malicious JavaScript on the application.

  • CVE-2022-1235Apr 5, 2022
    affected < 3.96fixed 3.96

    Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96.

  • CVE-2022-1213Apr 5, 2022
    affected < 3.67fixed 3.67

    SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v. An attacker could make the application perform arbitrary requests, bypass CVE-2022-1191

  • CVE-2022-1176Mar 31, 2022
    affected < 3.96fixed 3.96

    Loose comparison causes IDOR on multiple endpoints in GitHub repository livehelperchat/livehelperchat prior to 3.96.

  • CVE-2022-0612Feb 16, 2022
    affected < 3.93fixed 3.93

    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

  • CVE-2022-0502Feb 6, 2022
    affected < 3.93fixed 3.93

    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

  • CVE-2022-0395Jan 28, 2022
    affected < 3.93fixed 3.93

    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

  • CVE-2022-0394Jan 28, 2022
    affected < 3.93fixed 3.93

    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

  • CVE-2022-0370Jan 27, 2022
    affected < 3.93fixed 3.93

    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

  • CVE-2022-0387Jan 27, 2022
    affected < 3.93fixed 3.93

    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

  • CVE-2022-0375Jan 26, 2022
    affected < 3.93fixed 3.93

    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

  • CVE-2022-0374Jan 26, 2022
    affected < 3.93fixed 3.93

    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

  • CVE-2022-0266Jan 19, 2022
    affected < 3.92fixed 3.92

    Authorization Bypass Through User-Controlled Key in Packagist remdex/livehelperchat prior to 3.92v.

  • CVE-2022-0253Jan 17, 2022
    affected <= 3.91

    livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

  • CVE-2022-0226Jan 14, 2022
    affected < 3.92fixed 3.92

    livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)

  • CVE-2022-0231Jan 14, 2022
    affected < 3.92fixed 3.92

    livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)

  • CVE-2022-0083Jan 4, 2022
    affected < 3.91fixed 3.91

    livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information

  • CVE-2021-4131Dec 18, 2021
    affected < 3.91fixed 3.91

    livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)

  • CVE-2021-4132Dec 17, 2021
    affected < 3.91fixed 3.91

    livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Page 1 of 2