unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2023-0528
A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been classified as critical. This affects an unknown part of the file admin/abc.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed CVE project by @Sn0wAlice
Create: 2023-01-27 21:56:39 +0000 UTC Push: 2023-01-27 21:56:41 +0000 UTC |
Live-Hack-CVE/CVE-2023-0527
A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file search-request.php. The manipulation of the argument searchdata with the input "><script>alert(document.domain)</script> leads to cross site sc CVE project by @Sn0wAlice
Create: 2023-01-27 21:56:36 +0000 UTC Push: 2023-01-27 21:56:38 +0000 UTC |
Live-Hack-CVE/CVE-2022-48120
SQL Injection vulnerability in kishan0725 Hospital Management System thru commit 4770d740f2512693ef8fd9aa10a8d17f79fad9bd (on March 13, 2021), allows attackers to execute arbitrary commands via the contact and doctor parameters to /search.php. CVE project by @Sn0wAlice
Create: 2023-01-27 21:56:32 +0000 UTC Push: 2023-01-27 21:56:34 +0000 UTC |
Live-Hack-CVE/CVE-2022-48152
SQL Injection vulnerability in RemoteClinic 2.0 allows attackers to execute arbitrary commands and gain sensitive information via the id parameter to /medicines/profile.php. CVE project by @Sn0wAlice
Create: 2023-01-27 21:56:28 +0000 UTC Push: 2023-01-27 21:56:31 +0000 UTC |
Live-Hack-CVE/CVE-2022-47747
kraken <= 0.1.4 has an arbitrary file read vulnerability via the component testfs. CVE project by @Sn0wAlice
Create: 2023-01-27 21:56:25 +0000 UTC Push: 2023-01-27 21:56:27 +0000 UTC |
Live-Hack-CVE/CVE-2021-44226
Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on %PROGRAMDATA%\Razer\Synapse3\Service\bin even if %PROGRAMDATA%\Razer has been created by any unprivileged user before Synapse is installed. The unprivileged user may have placed Trojan horse DLLs there. CVE project by @Sn0wAlice
Create: 2023-01-27 19:46:17 +0000 UTC Push: 2023-01-27 19:46:20 +0000 UTC |
Live-Hack-CVE/CVE-2022-2712
In Eclipse GlassFish versions 5.1.0 to 6.2.5, there is a vulnerability in relative path traversal because it does not filter request path starting with './'. Successful exploitation could allow an remote unauthenticated attacker to access critical data, such as configuration files and deployed application source code. CVE project by @Sn0wAlice
Create: 2023-01-27 19:46:12 +0000 UTC Push: 2023-01-27 19:46:15 +0000 UTC |
0xlilim/CVE-2021-3129
Create: 2023-01-27 18:23:05 +0000 UTC Push: 2023-01-27 18:23:05 +0000 UTC |
Live-Hack-CVE/CVE-2023-22740
Discourse is an open source platform for community discussion. Versions prior to 3.1.0.beta1 (beta) (tests-passed) are vulnerable to Allocation of Resources Without Limits. Users can create chat drafts of an unlimited length, which can cause a denial of service by generating an excessive load on the server. Additionall CVE project by @Sn0wAlice
Create: 2023-01-27 14:21:03 +0000 UTC Push: 2023-01-27 14:21:05 +0000 UTC |
Live-Hack-CVE/CVE-2023-24060
Haven 5d15944 allows Server-Side Request Forgery (SSRF) via the feed[url]= Feeds functionality. Authenticated users with the ability to create new RSS Feeds or add RSS Feeds can supply an arbitrary hostname (or even the hostname of the Haven server itself). NOTE: this product has significant usage but does not have num CVE project by @Sn0wAlice
Create: 2023-01-27 14:20:59 +0000 UTC Push: 2023-01-27 14:21:02 +0000 UTC |
Live-Hack-CVE/CVE-2020-36659
In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix. CVE project by @Sn0wAlice
Create: 2023-01-27 14:20:56 +0000 UTC Push: 2023-01-27 14:20:58 +0000 UTC |
Live-Hack-CVE/CVE-2020-36658
In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix. CVE project by @Sn0wAlice
Create: 2023-01-27 14:20:52 +0000 UTC Push: 2023-01-27 14:20:54 +0000 UTC |
Live-Hack-CVE/CVE-2023-0519
Cross-site Scripting (XSS) - Stored in GitHub repository modoboa/modoboa prior to 2.0.4. CVE project by @Sn0wAlice
Create: 2023-01-27 09:47:04 +0000 UTC Push: 2023-01-27 09:47:06 +0000 UTC |
Live-Hack-CVE/CVE-2023-0493
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.7.5. CVE project by @Sn0wAlice
Create: 2023-01-27 09:47:00 +0000 UTC Push: 2023-01-27 09:47:03 +0000 UTC |
Live-Hack-CVE/CVE-2022-46967
An access control issue in Revenue Collection System v1.0 allows unauthenticated attackers to view the contents of /admin/DBbackup/ directory. CVE project by @Sn0wAlice
Create: 2023-01-27 09:46:57 +0000 UTC Push: 2023-01-27 09:46:59 +0000 UTC |
Live-Hack-CVE/CVE-2022-46966
Revenue Collection System v1.0 was discovered to contain a SQL injection vulnerability at step1.php. CVE project by @Sn0wAlice
Create: 2023-01-27 09:46:53 +0000 UTC Push: 2023-01-27 09:46:56 +0000 UTC |
Live-Hack-CVE/CVE-2022-40997
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer ove CVE project by @Sn0wAlice
Create: 2023-01-27 07:33:48 +0000 UTC Push: 2023-01-27 07:33:50 +0000 UTC |
Live-Hack-CVE/CVE-2022-40996
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer ove CVE project by @Sn0wAlice
Create: 2023-01-27 07:33:43 +0000 UTC Push: 2023-01-27 07:33:45 +0000 UTC |
Live-Hack-CVE/CVE-2022-40995
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer ove CVE project by @Sn0wAlice
Create: 2023-01-27 07:33:39 +0000 UTC Push: 2023-01-27 07:33:41 +0000 UTC |
Live-Hack-CVE/CVE-2022-40994
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer ove CVE project by @Sn0wAlice
Create: 2023-01-27 07:33:34 +0000 UTC Push: 2023-01-27 07:33:36 +0000 UTC |
Previous
459
460
461
462
463
464
465
466
Next