VYPR

Livehelperchat

by Livehelperchat

Source repositories

CVEs (35)

  • CVE-2022-0083MedJan 4, 2022
    risk 0.28cvss 5.3epss 0.01

    livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information

  • CVE-2021-4132MedDec 17, 2021
    risk 0.28cvss 5.4epss 0.01

    livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

  • CVE-2022-0375MedJan 26, 2022
    risk 0.24cvss 4.8epss 0.01

    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

  • CVE-2022-0245MedJan 18, 2022
    risk 0.21cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) in GitHub repository livehelperchat/livehelperchat prior to 2.0.

  • CVE-2022-0226MedJan 14, 2022
    risk 0.21cvss 4.3epss 0.00

    livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)

  • CVE-2026-27954Feb 26, 2026
    risk 0.00cvss epss 0.00

    Live Helper Chat is an open-source application that enables live support websites. In versions up to and including 4.52, three chat action endpoints (holdaction.php, blockuser.php, and transferchat.php) load chat objects by ID without calling…

  • CVE-2024-27516Feb 28, 2024
    risk 0.00cvss epss 0.01

    Server-Side Template Injection (SSTI) vulnerability in livehelperchat before 4.34v, allows remote attackers to execute arbitrary code and obtain sensitive information via the search parameter in lhc_web/modules/lhfaq/faqweight.php.

  • CVE-2022-0935HigApr 7, 2022
    risk 0.00cvss 8.8epss 0.01

    Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97.

  • CVE-2022-1234MedApr 6, 2022
    risk 0.00cvss 6.1epss 0.01

    XSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3.97. This vulnerability has the potential to deface websites, result in compromised user accounts, and can run malicious code on web pages, which can lead to a compromise of the user’s device.

  • CVE-2022-1191HigMar 31, 2022
    risk 0.00cvss 8.1epss 0.01

    SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96.

  • CVE-2021-4176MedDec 29, 2021
    risk 0.00cvss 6.1epss 0.01

    livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

  • CVE-2021-4175MedDec 29, 2021
    risk 0.00cvss 5.4epss 0.01

    livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

  • CVE-2021-4179MedDec 28, 2021
    risk 0.00cvss 5.4epss 0.00

    livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

  • CVE-2021-4177MedDec 28, 2021
    risk 0.00cvss 5.3epss 0.01

    livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information

  • CVE-2021-4169MedDec 26, 2021
    risk 0.00cvss 6.1epss 0.01

    livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Page 2 of 2