85 matches found
PT-2022-13081 · Remdex · Livehelperchat
Name of the Vulnerable Software and Affected Versions: remdex/livehelperchat versions prior to 3.92v Description: The issue is related to an authorization bypass through a user-controlled key. This allows unauthorized access, potentially leading to security breaches. The estimated number of...
Information Disclosure
remdex/livehelperchat is vulnerable to information disclosure. The vulnerability exists due to the lack of sanitization in error message generation, allowing an attacker to check the particular file existence in the system...
Cross-Site Scripting (XSS)
remdex/livehelperchat is vulnerable to cross-site scripting. The vulnerability exists due to lack of sanitization of user input in user profile setting which allows an attacker to inject malicious scripts during Web Page Generation...
Cross-Site Request Forgery (CSRF)
remdex/livehelperchat is vulnerable to Cross-Site Request Forgery CSRF. A remote attacker is able to trick admin user to clear the system cache which allows an attacker to execute the lead action without CSRF token check...
GHSA-H86J-6H6M-QJQW Cross-Site Request Forgery in remdex/livehelperchat
An attacker is able to log out a user if a logged-in user visits the attacker's website. While this cannot harm a user's account, it can be a great annoyance and is a valid CSRF...