remdex/livehelperchat
Packagist23 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting remdex/livehelperchatpage 1 of 1
- CVE-2021-4049MEDIUMCVSS 6.5EG 6.52021-12-07
vulnerable: 1.74 ... 2.0 (17 versions)
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
- CVE-2021-4050MEDIUMCVSS 6.1EG 6.12021-12-08
vulnerable: 1.74 ... 2.0 (17 versions)
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CVE-2021-4123MEDIUMCVSS 6.5EG 6.52021-12-16
vulnerable: 1.74 ... 2.0 (17 versions)
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
- CVE-2021-4131HIGHCVSS 8.8EG 8.8✓ Fixed in 3.912021-12-18
vulnerable: 1.74 ... 2.0 (17 versions)
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
- CVE-2021-4132MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.912021-12-17
vulnerable: 1.74 ... 2.0 (17 versions)
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CVE-2022-0083MEDIUMCVSS 5.3EG 5.3✓ Fixed in 3.912022-01-04
vulnerable: 1.74 ... 2.0 (17 versions)
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information
- CVE-2022-0226MEDIUMCVSS 4.3EG 4.3✓ Fixed in 3.922022-01-14
vulnerable: 1.74 ... 2.0 (17 versions)
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
- CVE-2022-0231MEDIUMCVSS 6.5EG 6.5✓ Fixed in 3.922022-01-14
vulnerable: 1.74 ... 2.0 (17 versions)
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
- CVE-2022-0253MEDIUMCVSS 5.4EG 5.42022-01-17
vulnerable: 1.74 ... 2.0 (17 versions)
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CVE-2022-0266MEDIUMCVSS 6.6EG 6.6✓ Fixed in 3.922022-01-19
vulnerable: 1.74 ... 2.0 (17 versions)
Authorization Bypass Through User-Controlled Key in Packagist remdex/livehelperchat prior to 3.92v.
- CVE-2022-0370MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.932022-01-27
vulnerable: 1.74 ... 2.0 (17 versions)
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
- CVE-2022-0374MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.932022-01-26
vulnerable: 1.74 ... 2.0 (17 versions)
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
- CVE-2022-0375MEDIUMCVSS 4.8EG 4.8✓ Fixed in 3.932022-01-26
vulnerable: 1.74 ... 2.0 (17 versions)
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
- CVE-2022-0387MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.932022-01-27
vulnerable: 1.74 ... 2.0 (17 versions)
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
- CVE-2022-0394MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.932022-01-28
vulnerable: 1.74 ... 2.0 (17 versions)
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
- CVE-2022-0395MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.932022-01-28
vulnerable: 1.74 ... 2.0 (17 versions)
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
- CVE-2022-0502MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.932022-02-06
vulnerable: 1.74 ... 2.0 (17 versions)
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
- CVE-2022-0612MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.932022-02-16
vulnerable: 1.74 ... 2.0 (17 versions)
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
- CVE-2022-1176HIGHCVSS 7.5EG 7.5✓ Fixed in 3.962022-03-31
vulnerable: 1.74 ... 2.0 (17 versions)
Loose comparison causes IDOR on multiple endpoints in GitHub repository livehelperchat/livehelperchat prior to 3.96.
- CVE-2022-1213HIGHCVSS 8.1EG 8.1✓ Fixed in 3.672022-04-05
vulnerable: 1.74 ... 2.0 (17 versions)
SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v. An attacker could make the application perform arbitrary requests, bypass CVE-2022-1191
- CVE-2022-1235HIGHCVSS 8.2EG 8.2✓ Fixed in 3.962022-04-05
vulnerable: 1.74 ... 2.0 (17 versions)
Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96.
- CVE-2022-1530MEDIUMCVSS 6.1EG 6.1✓ Fixed in 3.992022-04-29
vulnerable: 1.74 ... 2.0 (17 versions)
Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. The attacker can execute malicious JavaScript on the application.
- CVE-2024-27516CRITICALCVSS 9.8EG 9.8✓ Fixed in 4.292024-02-29
vulnerable: 1.74 ... 2.0 (17 versions)
Server-Side Template Injection (SSTI) vulnerability in livehelperchat before 4.34v, allows remote attackers to execute arbitrary code and obtain sensitive information via the search parameter in lhc_web/modules/lhfaq/faqweight.php.
Check whether remdex/livehelperchat is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for remdex/livehelperchat CVEs against the assets you own.
Start Free Scan →