58 matches found
livechat.8years.com Cross Site Scripting vulnerability OBB-1272338
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
livechat.8seasons.com Cross Site Scripting vulnerability OBB-1267793
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
YouPHPTube 7.7 SQL Injection Vulnerability
Exploit for php platform in category web applications ---------------------------------------------------------------- YouPHPTube = 7.7 getChat.json.php SQL Injection Vulnerability ---------------------------------------------------------------- - Software Link: https://www.youphptube.com -...
YouPHPTube LiveChat Plugin SQL Injection Vulnerability
YouPHPTube is an open source YouTube clone script. A SQL injection vulnerability exists in the LiveChat plugin in YouPHPTube 7.7 and earlier versions. The vulnerability stems from a failure to properly validate user input passed via the livestreamcode POST parameter to...
WordPress LiveChat plugin <= 3.7.2 - Stored Cross-Site Scripting (XSS) and unauthenticated Option Update/Reset vulnerabilities
Stored Cross-Site Scripting XSS and unauthenticated Option Update/Reset vulnerabilities found by Pluginvulnerabilities in WordPress LiveChat plugin versions = 3.7.2. Solution Update the WordPress LiveChat plugin to the latest available version 3.7.4...
LiveChat <= 3.7.2 - Unauthenticated Option Update/Reset and Stored XSS
The lack of proper CSRF and Authorisation checks could allow an unauthenticated attacker to update or reset the plugin's settings. Furthermore, when updating the livechatemail option, no sanitisation is performed, leading to a Stored XSS issue in the plugin's settings page. CSRF and XSS fixed in...
LiveChat <= 3.7.2 - Unauthenticated Option Update/Reset and Stored XSS
The lack of proper CSRF and Authorisation checks could allow an unauthenticated attacker to update or reset the plugin's settings. Furthermore, when updating the livechatemail option, no sanitisation is performed, leading to a Stored XSS issue in the plugin's settings page. CSRF and XSS fixed in...
Mail.ru: XSS в названии лайвчата
Stored XSS in web.icq.com via livechat name...
livechat.igg.com XSS vulnerability
Open Bug Bounty ID: OBB-198928 Description| Value ---|--- Affected Website:| livechat.igg.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Shopify: Stealing livechat token and using it to chat as the user - user information disclosure
Hi , I have found an issue through which an attacker can steal users' livechat access token and use it to login and chat with the support agents as them , he also will be able to get access to sensitive user information such as his email and his first name and last name. Details: When you go to...
joomla组件 LiveChat V2.0 参数last SQL注入漏洞
No description provided by source...
LiveWorld Multiple Products - Cross Site Scripting
LiveWorld Multiple Products - Cross Site Scripting LiveWorld Cross Site Scripting Vendor: LiveWorld, Inc Product: LiveWorld Version: Multiple Products Website: http://www.liveworld.com CVE: CVE-2004-2566 OSVDB: 9180 PACKETSTORM: 34143 Description: LiveWorld provides collaborative services for...
LiveWorld Multiple Products - Cross Site Scripting
LiveWorld Cross Site Scripting Vendor: LiveWorld, Inc Product: LiveWorld Version: Multiple Products Website: http://www.liveworld.com CVE: CVE-2004-2566 OSVDB: 9180 PACKETSTORM: 34143 Description: LiveWorld provides collaborative services for online meetings, customer care, and loyalty marketing...
Joomla LiveChat 2.0 XSS / SQL Injection
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= INDEPENDENT SECURITY RESEARCHER PENETRATION TESTING SECURITY -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Author: Ur0b0r0x Tiwtte: @Ur0b0r0x Email: [email protected] Line: GreyHat Home: ur0b0r0x.blogspot.com Exploit Title: Joomla Component - LiveChat 2.0 Multilpes...
Volusion Chat Cross Site Scripting
Exploit Title: Volusion Chat Cross Site Scripting Date: 15.03.2012 Author: Sony Software Link: http://www.volusion.com/ Google Dorks: inurl:livechat.aspx?ID= intext:volusion or intext:powered by volusion Web Browser : Mozilla Firefox Blog : http://st2tea.blogspot.com PoC:...
Progenic.com down with Social Engineering by Saken & Josh of TeamDX !
Progenic.com down with Social Engineering by Saken & Josh of TeamDX ! Method: Social Engineering via LiveChat + Phone + Support Ticket System How: They had a SSN + DOB posted on their forum, Saken & Josh of TeamDX simply played the role of the person that the identity was stolen from, their domai...
Facebook and the Never-Ending Privacy Discussion
As each day goes by, I see more and more people complaining when it comes to Facebook and privacy: I’d like to make my friend list private. Cannot. I’d like to have my profile visible only to my friends, not my boss. Cannot. I’d like to support an anti-abortion group without my mother or the worl...
CVE-2004-2566
Multiple cross-site scripting XSS vulnerabilities in LiveWorld products, possibly including 1 LiveForum, 2 LiveQ&A, 3 LiveChat, and 4 LiveFocusGroup, allow remote attackers to inject arbitrary web script or HTML via the q parameter in a search.jsp, b findclub!execute.jspa, and c search!execute.js...