Turzum/ps-lab-cve-2021-42013 Resources required for PS lab CVE-2021-42013 Apache HTTP Server: Emulation and Detection Create: 2023-01-20 05:22:26 +0000 UTC Push: 2023-01-20 05:22:27 +0000 UTC |

Muirey03/CVE-2022-42864 Proof-of-concept for the CVE-2022-42864 IOHIDFamily race condition Create: 2023-01-20 04:36:49 +0000 UTC Push: 2023-01-21 01:58:39 +0000 UTC |

Live-Hack-CVE/CVE-2017-16281 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authentica CVE project by @Sn0wAlice Create: 2023-01-20 03:52:20 +0000 UTC Push: 2023-01-20 03:52:22 +0000 UTC |

Live-Hack-CVE/CVE-2022-40697 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in 3com – Asesor de Cookies para normativa española plugin <= 3.4.3 versions. CVE project by @Sn0wAlice Create: 2023-01-20 03:52:14 +0000 UTC Push: 2023-01-20 03:52:19 +0000 UTC |

Live-Hack-CVE/CVE-2022-39167 IBM Spectrum Virtualize 8.5, 8.4, 8.3, 8.2, and 7.8, under certain configurations, could disclose sensitive information to an attacker using man-in-the-middle techniques. IBM X-Force ID: 235408. CVE project by @Sn0wAlice Create: 2023-01-20 03:52:10 +0000 UTC Push: 2023-01-20 03:52:13 +0000 UTC |

Live-Hack-CVE/CVE-2022-1676 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. CVE project by @Sn0wAlice Create: 2023-01-20 03:52:06 +0000 UTC Push: 2023-01-20 03:52:09 +0000 UTC |

Live-Hack-CVE/CVE-2020-1713 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none. CVE project by @Sn0wAlice Create: 2023-01-20 03:52:02 +0000 UTC Push: 2023-01-20 03:52:05 +0000 UTC |

Live-Hack-CVE/CVE-2022-4874 Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an unauthenticated user to access content. In order to serve static content, the application performs a check for the existence of specific characters in the URL (.css, .png etc). If it exists, it performs a "fake login" to give the reques CVE project by @Sn0wAlice Create: 2023-01-20 03:51:58 +0000 UTC Push: 2023-01-20 03:52:01 +0000 UTC |

Live-Hack-CVE/CVE-2022-4873 On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey parameter. By providing a specific number of bytes, the instruction pointer is able to be overwritten on the stack and crashes the application at a known location. CVE project by @Sn0wAlice Create: 2023-01-20 03:51:55 +0000 UTC Push: 2023-01-20 03:51:57 +0000 UTC |

Live-Hack-CVE/CVE-2022-4415 A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting. CVE project by @Sn0wAlice Create: 2023-01-20 03:51:51 +0000 UTC Push: 2023-01-20 03:51:53 +0000 UTC |

Live-Hack-CVE/CVE-2023-0406 Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4. CVE project by @Sn0wAlice Create: 2023-01-20 03:51:45 +0000 UTC Push: 2023-01-20 03:51:46 +0000 UTC |

Live-Hack-CVE/CVE-2022-47745 ZenTao 16.4 to 18.0.beta1 is vulnerable to SQL injection. After logging in with any user, you can complete SQL injection by constructing a special request and sending it to function importNotice. CVE project by @Sn0wAlice Create: 2023-01-20 03:51:41 +0000 UTC Push: 2023-01-20 03:51:43 +0000 UTC |

Live-Hack-CVE/CVE-2022-47740 Seltmann GmbH Content Management System 6 is vulnerable to SQL Injection via /index.php. CVE project by @Sn0wAlice Create: 2023-01-20 03:51:37 +0000 UTC Push: 2023-01-20 03:51:40 +0000 UTC |

Live-Hack-CVE/CVE-2022-47197 An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this vulnerability, an attacker can sen CVE project by @Sn0wAlice Create: 2023-01-20 03:51:33 +0000 UTC Push: 2023-01-20 03:51:36 +0000 UTC |

Live-Hack-CVE/CVE-2022-47196 An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this vulnerability, an attacker can sen CVE project by @Sn0wAlice Create: 2023-01-20 03:51:29 +0000 UTC Push: 2023-01-20 03:51:32 +0000 UTC |

Live-Hack-CVE/CVE-2022-47195 An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this vulnerability, an attacker can sen CVE project by @Sn0wAlice Create: 2023-01-20 03:51:25 +0000 UTC Push: 2023-01-20 03:51:28 +0000 UTC |

Live-Hack-CVE/CVE-2022-47194 An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this vulnerability, an attacker can sen CVE project by @Sn0wAlice Create: 2023-01-20 03:51:21 +0000 UTC Push: 2023-01-20 03:51:24 +0000 UTC |

Live-Hack-CVE/CVE-2020-25714 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none. CVE project by @Sn0wAlice Create: 2023-01-20 03:51:17 +0000 UTC Push: 2023-01-20 03:51:20 +0000 UTC |

Live-Hack-CVE/CVE-2020-25679 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none. CVE project by @Sn0wAlice Create: 2023-01-20 03:51:13 +0000 UTC Push: 2023-01-20 03:51:16 +0000 UTC |

Live-Hack-CVE/CVE-2020-1715 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none. CVE project by @Sn0wAlice Create: 2023-01-20 03:51:10 +0000 UTC Push: 2023-01-20 03:51:12 +0000 UTC |