Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-30537

Malware in sbrugna...

9.6CVSS9.1AI score0.02465EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-2879

Malware in sbrugna...

6.1CVSS6.7AI score0.00616EPSS
Exploits0References2
CNVD
CNVD
added 2020/03/10 12:0 a.m.4 views

LiveZilla Live Chat Elevation of Privilege Vulnerability

LiveZilla Live Chat is a free online customer service system from the German company LiveZilla. The system provides real-time monitoring of visitors, offline messages, GeoTracking map tracking, access statistics, online chat and other features. A security vulnerability exists in the 'name' functi...

9.6CVSS7AI score0.02465EPSS
Exploits0References1
NVD
NVD
added 2020/03/09 7:15 p.m.15 views

CVE-2020-9758

An issue was discovered in chat.php in LiveZilla Live Chat 8.0.1.3 Helpdesk. A blind JavaScript injection lies in the name parameter. Triggering this can fetch the username and passwords of the helpdesk employees in the URI. This leads to a privilege escalation, from unauthenticated to user-level...

9.6CVSS9.5AI score0.02465EPSS
Exploits0References1
Prion
Prion
added 2020/03/09 7:15 p.m.14 views

Design/Logic Flaw

An issue was discovered in chat.php in LiveZilla Live Chat 8.0.1.3 Helpdesk. A blind JavaScript injection lies in the name parameter. Triggering this can fetch the username and passwords of the helpdesk employees in the URI. This leads to a privilege escalation, from unauthenticated to user-level...

4.3CVSS9.3AI score0.02465EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/03/09 6:27 p.m.15 views

CVE-2020-9758

An issue was discovered in chat.php in LiveZilla Live Chat 8.0.1.3 Helpdesk. A blind JavaScript injection lies in the name parameter. Triggering this can fetch the username and passwords of the helpdesk employees in the URI. This leads to a privilege escalation, from unauthenticated to user-level...

9.5AI score0.02465EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2020/03/09 12:0 a.m.22 views

CVE-2020-9758

An issue was discovered in chat.php in LiveZilla Live Chat 8.0.1.3 Helpdesk. A blind JavaScript injection lies in the name parameter. Triggering this can fetch the username and passwords of the helpdesk employees in the URI. This leads to a privilege escalation, from unauthenticated to user-level...

9.6CVSS1.3AI score0.02465EPSS
Exploits0References2
Prion
Prion
added 2018/05/16 1:29 p.m.14 views

Cross site scripting

chat/mobile/index.php in LiveZilla Live Chat 7.0.9.5 and prior is affected by Cross-Site Scripting via the Accept-Language HTTP header...

4.3CVSS6AI score0.00616EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/05/16 1:29 p.m.3 views

CVE-2018-10810

chat/mobile/index.php in LiveZilla Live Chat 7.0.9.5 and prior is affected by Cross-Site Scripting via the Accept-Language HTTP header...

6.1CVSS5.8AI score0.00616EPSS
Exploits0References1
Rows per page
Query Builder