Vulnerability Database

301,050

Total vulnerabilities in the database

CVE-2024-27516

Server-Side Template Injection (SSTI) vulnerability in livehelperchat before 4.34v, allows remote attackers to execute arbitrary code and obtain sensitive information via the search parameter in lhc_web/modules/lhfaq/faqweight.php.

Published: Feb 29, 2024
Updated: May 1, 2025
CVE: CVE-2024-27516
GHSA: GHSA-v4cp-2q7v-hg9q
Severity: Medium
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
remdex / livehelperchat	-	4.29
livehelperchat / live_helper_chat	-	4.34

https://github.com/LiveHelperChat/livehelperchat/commit/a61d231526a36d4a7d8cc957914799ee1f9db0ab
https://github.com/LiveHelperChat/livehelperchat/issues/2054

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo