Manojkumar J (TheWhiteEvil)

13 exploits Active since Jan 2023
CVE-2025-51403 NOMISEC MEDIUM WRITEUP
Live Helper Chat <4.60 - XSS
A stored cross-site scripting (XSS) vulnerability in the department assignment editing module of of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Alias Nick parameter.
CVSS 6.5
CVE-2025-51396 NOMISEC MEDIUM WRITEUP
Live Helper Chat <4.60 - XSS
A stored cross-site scripting (XSS) vulnerability in Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Telegram Bot Username parameter.
CVSS 5.4
CVE-2025-51397 NOMISEC MEDIUM WRITEUP
Live Helper Chat <4.60 - XSS
A stored cross-site scripting (XSS) vulnerability in the Facebook Chat module of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Surname parameter under the Recipient' Lists.
CVSS 5.4
CVE-2025-51398 NOMISEC MEDIUM WRITEUP
Live Helper Chat <4.60 - XSS
A stored cross-site scripting (XSS) vulnerability in the Facebook registration page of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter.
CVSS 5.4
CVE-2025-51400 NOMISEC MEDIUM WRITEUP
Live Helper Chat <4.60 - XSS
A stored cross-site scripting (XSS) vulnerability in the Personal Canned Messages of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload.
CVSS 5.4
CVE-2025-51401 NOMISEC MEDIUM WRITEUP
Live Helper Chat <4.60 - XSS
A stored cross-site scripting (XSS) vulnerability in the chat transfer function of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the operator name parameter.
CVSS 5.4
CVE-2025-51401 EXPLOITDB MEDIUM text WORKING POC
Live Helper Chat <4.60 - XSS
A stored cross-site scripting (XSS) vulnerability in the chat transfer function of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the operator name parameter.
CVSS 5.4
CVE-2025-51403 EXPLOITDB MEDIUM text WORKING POC
Live Helper Chat <4.60 - XSS
A stored cross-site scripting (XSS) vulnerability in the department assignment editing module of of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Alias Nick parameter.
CVSS 6.5
CVE-2025-51398 EXPLOITDB MEDIUM text WRITEUP
Live Helper Chat <4.60 - XSS
A stored cross-site scripting (XSS) vulnerability in the Facebook registration page of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter.
CVSS 5.4
CVE-2025-51397 EXPLOITDB MEDIUM text WORKING POC
Live Helper Chat <4.60 - XSS
A stored cross-site scripting (XSS) vulnerability in the Facebook Chat module of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Surname parameter under the Recipient' Lists.
CVSS 5.4
CVE-2025-51400 EXPLOITDB MEDIUM text WORKING POC
Live Helper Chat <4.60 - XSS
A stored cross-site scripting (XSS) vulnerability in the Personal Canned Messages of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload.
CVSS 5.4
CVE-2025-51396 EXPLOITDB MEDIUM text WORKING POC
Live Helper Chat <4.60 - XSS
A stored cross-site scripting (XSS) vulnerability in Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Telegram Bot Username parameter.
CVSS 5.4
CVE-2023-0493 EXPLOITDB MEDIUM text WORKING POC
Btcpayserver Btcpay Server < 1.7.5 - Injection
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.7.5.
CVSS 5.3