EUVD-2008-3496

Malware in sbrugna...

EUVD-2008-3826

Malware in sbrugna...

EUVD-2004-2347

Malware in sbrugna...

EUVD-2008-0855

Malware in sbrugna...

EUVD-2008-1192

Malware in sbrugna...

EUVD-2008-3831

Malware in sbrugna...

GHSA-W4HP-PCP8-QHF3 Cross-site Scripting in livehelperchat

Stored XSS is found in SettingsLive help configurationDepartments-Departments groups-edit When a user creates a new webhook under the NAME field and puts a payload constructor.constructor'alert1', the input gets stored, at user edit groupname , the payload gets executed...

Cross-site Scripting in livehelperchat

Stored XSS is found in SettingsLive help configurationPersonal Themestatic content. Under the NAME field put a payload constructor.constructor'alert1' while creating content, and you will see that the input gets stored, and every time the user visits, the payload gets executed...

Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat

Description Stored XSS is found in SettingsLive help configurationDepartments-Departments groups-edit When a user creates a new webhook under the NAME field and puts a payload constructor.constructor'alert1', the input gets stored, at user edit groupname , the payload gets executed. Proof of...

Cross-Site Request Forgery (CSRF) in livehelperchat/livehelperchat

Description A CSRF issue is found in the SettingsLive help configurationCanned Messages. It was found that no CSRF token validation is getting done as no CSRF token is getting passed with the request. Also while generating statistics, the action is done through GET method with no CSRF token. Two...

Tencent Search Live Help has Janus Android Signature Vulnerability

Tencent search live help is professional skills online simply service platform. Tencent search live help exist Janus Android signature vulnerability, attackers can use the vulnerability to obtain system root privileges...

Crafty Syntax Live Help 2.14.6 'livehelp_js.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30543/info Crafty Syntax Live Help CSLH is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script...

Stardevelop Live Help 2.6 'SERVER' Parameter Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/37558/info Stardevelop Live Help is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute...

LiveZilla 3.1.8.3 - XSS Vulnerability

No description provided by source. Info: LiveZilla, the Next Generation Live Help / Live Chat and Live Support System connects you to your website visitors. Use LiveZilla to provide Live Chats and monitor your website visitors in real-time. Convert visitors to customers - with LiveZilla! Credits:...

Crafty Syntax Live Help <= 2.14.6 (department) SQL Injection Vuln

No description provided by source. Crafty Syntax Live Help = 2.14.6 SQL Injection August 25, 2008 Vendor : Eric Gerdes URL : http://www.craftysyntax.com Version : Crafty Syntax Live Help = 2.14.6 Risk : SQL Injection Description: Crafty Syntax Live Help is a full featured, open source, online...

Crafty Syntax Live Help 2.9.9 - Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/20711/info Crafty Syntax Live Help is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...

Crafty Syntax Live Help 3.1.2 - Remote File Inclusion Full Path Disclosure

Crafty Syntax Live Help 3.1.2 - Remote File Inclusion Full Path Disclosure source: https://www.securityfocus.com/bid/59322/info Crafty Syntax Live Help is prone to a remote file-include vulnerability and a path-disclosure vulnerability because it fails to sufficiently sanitize user-supplied input...

Crafty Syntax Live Help RFI / Path Disclosure

Exploit Title : Crafty Syntax Live Help = 2.. & 3.. RFI + Path Disclosure Date : 4/19/2013 Author : ITTIHACK Home : http://ittihack.com Vendor : http://www.craftysyntax.com Download : http://www.craftysyntax.com/craftysyntax3.4.1.zip Version : 2. and 3. , All versions Category : webapps Google do...

Crafty Syntax Live Help 3.1.2 - Remote File Inclusion / Full Path Disclosure

source: https://www.securityfocus.com/bid/59322/info Crafty Syntax Live Help is prone to a remote file-include vulnerability and a path-disclosure vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to obtain sensitive...

Oracle Live Help On Demand Webcare Cross Site Scripting

Exploit Title: Oracle Live Help On Demand Webcare Cross Site Scripting Date: 29.02.2012 Author: Sony Software Link: http://www.oracle.com/index.html Google Dorks:inurl:UI/gui.php Web Browser : Mozilla Firefox Blog : http://st2tea.blogspot.com PoC:...