Live-Hack-CVE/CVE-2023-22572 Dell PowerScale OneFS 9.1.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in change password api. A low privilege local attacker could potentially exploit this vulnerability, leading to system takeover. CVE project by @Sn0wAlice Create: 2023-02-09 02:15:39 +0000 UTC Push: 2023-02-09 02:15:41 +0000 UTC |

Live-Hack-CVE/CVE-2023-23135 An arbitrary file upload vulnerability in Ftdms v3.1.6 allows attackers to execute arbitrary code via uploading a crafted JPG file. CVE project by @Sn0wAlice Create: 2023-02-09 02:15:26 +0000 UTC Push: 2023-02-09 02:15:28 +0000 UTC |

KTN1990/CVE-2022-0316_wordpress_multiple_themes_exploit Wordpress Multiple themes - Unauthenticated Arbitrary File Upload Create: 2023-02-09 01:37:09 +0000 UTC Push: 2023-02-09 09:46:27 +0000 UTC |

Live-Hack-CVE/CVE-2023-0747 Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.6. CVE project by @Sn0wAlice Create: 2023-02-09 00:01:48 +0000 UTC Push: 2023-02-09 00:01:51 +0000 UTC |

Live-Hack-CVE/CVE-2022-41620 Cross-Site Request Forgery (CSRF) vulnerability in SeoSamba for WordPress Webmasters plugin <= 1.0.5 versions. CVE project by @Sn0wAlice Create: 2023-02-09 00:01:44 +0000 UTC Push: 2023-02-09 00:01:47 +0000 UTC |

Live-Hack-CVE/CVE-2022-43765 B&R APROL versions < R 4.2-07 doesn’t process correctly specially formatted data packages sent to port 55502/tcp, which may allow a network based attacker to cause an application Denial-of-Service. CVE project by @Sn0wAlice Create: 2023-02-08 21:51:20 +0000 UTC Push: 2023-02-08 21:51:23 +0000 UTC |

Live-Hack-CVE/CVE-2022-43764 Insufficient validation of input parameters when changing configuration on Tbase server in B&R APROL versions < R 4.2-07 could result in buffer overflow. This may lead to Denial-of-Service conditions or execution of arbitrary code. CVE project by @Sn0wAlice Create: 2023-02-08 21:51:16 +0000 UTC Push: 2023-02-08 21:51:19 +0000 UTC |

Live-Hack-CVE/CVE-2022-43763 Insufficient check of preconditions could lead to Denial of Service conditions when calling commands on the Tbase server of B&R APROL versions < R 4.2-07. CVE project by @Sn0wAlice Create: 2023-02-08 21:51:12 +0000 UTC Push: 2023-02-08 21:51:15 +0000 UTC |

Live-Hack-CVE/CVE-2022-43762 Lack of verification in B&R APROL Tbase server versions < R 4.2-07 may lead to memory leaks when receiving messages CVE project by @Sn0wAlice Create: 2023-02-08 21:51:08 +0000 UTC Push: 2023-02-08 21:51:11 +0000 UTC |

pierpaolosestito-dev/Log4Shell-CVE-2021-44228-PoC Create: 2023-02-08 20:19:32 +0000 UTC Push: 2023-02-08 20:20:31 +0000 UTC |

Live-Hack-CVE/CVE-2021-3958 Improper Handling of Parameters vulnerability in Ipack Automation Systems Ipack SCADA Software allows : Blind SQL Injection.This issue affects Ipack SCADA Software: from unspecified before 1.1.0. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:29 +0000 UTC Push: 2023-02-08 19:37:32 +0000 UTC |

Live-Hack-CVE/CVE-2023-0744 Improper Access Control in GitHub repository answerdev/answer prior to 1.0.4. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:25 +0000 UTC Push: 2023-02-08 19:37:28 +0000 UTC |

Live-Hack-CVE/CVE-2023-0743 Cross-site Scripting (XSS) - Generic in GitHub repository answerdev/answer prior to 1.0.4. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:20 +0000 UTC Push: 2023-02-08 19:37:24 +0000 UTC |

Live-Hack-CVE/CVE-2023-0742 Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:17 +0000 UTC Push: 2023-02-08 19:37:19 +0000 UTC |

Live-Hack-CVE/CVE-2023-0741 Cross-site Scripting (XSS) - DOM in GitHub repository answerdev/answer prior to 1.0.4. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:13 +0000 UTC Push: 2023-02-08 19:37:16 +0000 UTC |

Live-Hack-CVE/CVE-2023-0740 Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:08 +0000 UTC Push: 2023-02-08 19:37:12 +0000 UTC |

Live-Hack-CVE/CVE-2022-43761 Missing authentication when creating and managing the B&R APROL database in versions < R 4.2-07 allows reading and changing the system configuration. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:04 +0000 UTC Push: 2023-02-08 19:37:06 +0000 UTC |

Live-Hack-CVE/CVE-2022-2094 The Yellow Yard Searchbar WordPress plugin before 2.8.2 does not escape some URL parameters before outputting them back to the user, leading to Reflected Cross-Site Scripting CVE project by @Sn0wAlice Create: 2023-02-08 19:37:00 +0000 UTC Push: 2023-02-08 19:37:02 +0000 UTC |

Live-Hack-CVE/CVE-2023-0726 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_edit_folder function. This makes it possible for unauthenticated attackers to invoke this function via forged request granted th CVE project by @Sn0wAlice Create: 2023-02-08 15:13:33 +0000 UTC Push: 2023-02-08 15:13:35 +0000 UTC |

Live-Hack-CVE/CVE-2023-0725 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_clone_folder function. This makes it possible for unauthenticated attackers to invoke this function via forged request granted t CVE project by @Sn0wAlice Create: 2023-02-08 15:13:30 +0000 UTC Push: 2023-02-08 15:13:32 +0000 UTC |