Lucene search
K

58 matches found

Openbugbounty
Openbugbounty
added 2020/08/24 7:12 a.m.9 views

livechat.8years.com Cross Site Scripting vulnerability OBB-1272338

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/08/20 5:19 p.m.6 views

livechat.8seasons.com Cross Site Scripting vulnerability OBB-1267793

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
0day.today
0day.today
added 2019/12/05 12:0 a.m.716 views

YouPHPTube 7.7 SQL Injection Vulnerability

Exploit for php platform in category web applications ---------------------------------------------------------------- YouPHPTube = 7.7 getChat.json.php SQL Injection Vulnerability ---------------------------------------------------------------- - Software Link: https://www.youphptube.com -...

7.5CVSS0.02314EPSS
Exploits2
CNVD
CNVD
added 2019/11/04 12:0 a.m.5 views

YouPHPTube LiveChat Plugin SQL Injection Vulnerability

YouPHPTube is an open source YouTube clone script. A SQL injection vulnerability exists in the LiveChat plugin in YouPHPTube 7.7 and earlier versions. The vulnerability stems from a failure to properly validate user input passed via the livestreamcode POST parameter to...

9.8CVSS7.8AI score0.02314EPSS
Exploits2References1
Patchstack
Patchstack
added 2019/07/10 12:0 a.m.10 views

WordPress LiveChat plugin <= 3.7.2 - Stored Cross-Site Scripting (XSS) and unauthenticated Option Update/Reset vulnerabilities

Stored Cross-Site Scripting XSS and unauthenticated Option Update/Reset vulnerabilities found by Pluginvulnerabilities in WordPress LiveChat plugin versions = 3.7.2. Solution Update the WordPress LiveChat plugin to the latest available version 3.7.4...

2.1AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2019/06/26 12:0 a.m.27 views

LiveChat <= 3.7.2 - Unauthenticated Option Update/Reset and Stored XSS

The lack of proper CSRF and Authorisation checks could allow an unauthenticated attacker to update or reset the plugin's settings. Furthermore, when updating the livechatemail option, no sanitisation is performed, leading to a Stored XSS issue in the plugin's settings page. CSRF and XSS fixed in...

0.5AI score
Exploits0References1Affected Software1
wpexploit
wpexploit
added 2019/06/26 12:0 a.m.18 views

LiveChat <= 3.7.2 - Unauthenticated Option Update/Reset and Stored XSS

The lack of proper CSRF and Authorisation checks could allow an unauthenticated attacker to update or reset the plugin's settings. Furthermore, when updating the livechatemail option, no sanitisation is performed, leading to a Stored XSS issue in the plugin's settings page. CSRF and XSS fixed in...

6.5AI score
Exploits0References1
Hacker One
Hacker One
added 2018/03/02 4:4 p.m.17 views

Mail.ru: XSS в названии лайвчата

Stored XSS in web.icq.com via livechat name...

1.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/12/20 11:45 a.m.7 views

livechat.igg.com XSS vulnerability

Open Bug Bounty ID: OBB-198928 Description| Value ---|--- Affected Website:| livechat.igg.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Hacker One
Hacker One
added 2016/07/13 6:15 a.m.28 views

Shopify: Stealing livechat token and using it to chat as the user - user information disclosure

Hi , I have found an issue through which an attacker can steal users' livechat access token and use it to login and chat with the support agents as them , he also will be able to get access to sensitive user information such as his email and his first name and last name. Details: When you go to...

6.1AI score
Exploits0
seebug.org
seebug.org
added 2016/01/29 12:0 a.m.21 views

joomla组件 LiveChat V2.0 参数last SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2014/08/23 12:0 a.m.62 views

LiveWorld Multiple Products - Cross Site Scripting

LiveWorld Multiple Products - Cross Site Scripting LiveWorld Cross Site Scripting Vendor: LiveWorld, Inc Product: LiveWorld Version: Multiple Products Website: http://www.liveworld.com CVE: CVE-2004-2566 OSVDB: 9180 PACKETSTORM: 34143 Description: LiveWorld provides collaborative services for...

4.3CVSS0.01736EPSS
Exploits3
Exploit DB
Exploit DB
added 2014/08/23 12:0 a.m.33 views

LiveWorld Multiple Products - Cross Site Scripting

LiveWorld Cross Site Scripting Vendor: LiveWorld, Inc Product: LiveWorld Version: Multiple Products Website: http://www.liveworld.com CVE: CVE-2004-2566 OSVDB: 9180 PACKETSTORM: 34143 Description: LiveWorld provides collaborative services for online meetings, customer care, and loyalty marketing...

4.3CVSS6.8AI score0.01736EPSS
Exploits3
Packet Storm
Packet Storm
added 2013/01/05 12:0 a.m.37 views

Joomla LiveChat 2.0 XSS / SQL Injection

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= INDEPENDENT SECURITY RESEARCHER PENETRATION TESTING SECURITY -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Author: Ur0b0r0x Tiwtte: @Ur0b0r0x Email: [email protected] Line: GreyHat Home: ur0b0r0x.blogspot.com Exploit Title: Joomla Component - LiveChat 2.0 Multilpes...

7.5CVSS0.4AI score0.01003EPSS
Exploits2
Packet Storm
Packet Storm
added 2012/03/15 12:0 a.m.39 views

Volusion Chat Cross Site Scripting

Exploit Title: Volusion Chat Cross Site Scripting Date: 15.03.2012 Author: Sony Software Link: http://www.volusion.com/ Google Dorks: inurl:livechat.aspx?ID= intext:volusion or intext:powered by volusion Web Browser : Mozilla Firefox Blog : http://st2tea.blogspot.com PoC:...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2011/04/07 8:55 p.m.13 views

Progenic.com down with Social Engineering by Saken & Josh of TeamDX !

Progenic.com down with Social Engineering by Saken & Josh of TeamDX ! Method: Social Engineering via LiveChat + Phone + Support Ticket System How: They had a SSN + DOB posted on their forum, Saken & Josh of TeamDX simply played the role of the person that the identity was stolen from, their domai...

6.6AI score
Exploits0
ThreatPost
ThreatPost
added 2010/05/13 2:34 p.m.6 views

Facebook and the Never-Ending Privacy Discussion

As each day goes by, I see more and more people complaining when it comes to Facebook and privacy: I’d like to make my friend list private. Cannot. I’d like to have my profile visible only to my friends, not my boss. Cannot. I’d like to support an anti-abortion group without my mother or the worl...

0.5AI score
Exploits0References4
Cvelist
Cvelist
added 2005/11/22 2:0 a.m.19 views

CVE-2004-2566

Multiple cross-site scripting XSS vulnerabilities in LiveWorld products, possibly including 1 LiveForum, 2 LiveQ&A, 3 LiveChat, and 4 LiveFocusGroup, allow remote attackers to inject arbitrary web script or HTML via the q parameter in a search.jsp, b findclub!execute.jspa, and c search!execute.js...

5.9AI score0.01736EPSS
Exploits3References5
Rows per page
Query Builder