Live-Hack-CVE/CVE-2015-10045 A vulnerability, which was classified as critical, was found in tutrantta project_todolist. Affected is the function getAffectedRows/where/insert/update in the library library/Database.php. The manipulation leads to sql injection. The name of the patch is 194a0411bbe11aa4813f13c66b9e8ea403539141. It is recommended to a CVE project by @Sn0wAlice Create: 2023-01-15 20:09:51 +0000 UTC Push: 2023-01-15 20:09:54 +0000 UTC |

Live-Hack-CVE/CVE-2015-10044 A vulnerability classified as critical was found in gophergala sqldump. This vulnerability affects unknown code. The manipulation leads to sql injection. The name of the patch is 76db54e9073b5248b8863e71a63d66a32d567d21. It is recommended to apply a patch to fix this issue. VDB-218350 is the identifier assigned to this CVE project by @Sn0wAlice Create: 2023-01-15 20:09:47 +0000 UTC Push: 2023-01-15 20:09:50 +0000 UTC |

lixiang957/CVE-2021-36630 Create: 2023-01-15 17:55:38 +0000 UTC Push: 2023-01-15 17:55:39 +0000 UTC |

lixiang957/CVE-2021-33959 CVE-2021-33959漏洞原理与poc验证 Create: 2023-01-15 17:09:17 +0000 UTC Push: 2023-01-15 17:09:18 +0000 UTC |

Live-Hack-CVE/CVE-2023-0302 Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2. CVE project by @Sn0wAlice Create: 2023-01-15 14:41:00 +0000 UTC Push: 2023-01-15 14:41:03 +0000 UTC |

Live-Hack-CVE/CVE-2023-23590 Mercedes-Benz XENTRY Retail Data Storage 7.8.1 allows remote attackers to cause a denial of service (device restart) via an unauthenticated API request. The attacker must be on the same network as the device. CVE project by @Sn0wAlice Create: 2023-01-15 14:40:53 +0000 UTC Push: 2023-01-15 14:40:56 +0000 UTC |

nhamle2/CVE-2015-8660 Create: 2023-01-15 10:35:52 +0000 UTC Push: 2023-01-15 10:35:52 +0000 UTC |

Live-Hack-CVE/CVE-2015-10043 A vulnerability, which was classified as critical, was found in abreen Apollo. This affects an unknown part. The manipulation of the argument file leads to path traversal. The name of the patch is 6206406630780bbd074aff34f4683fb764faba71. It is recommended to apply a patch to fix this issue. The associated identifier o CVE project by @Sn0wAlice Create: 2023-01-15 08:08:53 +0000 UTC Push: 2023-01-15 08:08:56 +0000 UTC |

Live-Hack-CVE/CVE-2015-10020 A vulnerability has been found in ssn2013 cis450Project and classified as critical. This vulnerability affects the function addUser of the file HeatMapServer/src/com/datformers/servlet/AddAppUser.java. The manipulation leads to sql injection. The name of the patch is 39b495011437a105c7670e17e071f99195b4922e. It is reco CVE project by @Sn0wAlice Create: 2023-01-15 08:08:48 +0000 UTC Push: 2023-01-15 08:08:51 +0000 UTC |

Live-Hack-CVE/CVE-2022-4711 The Royal Elementor Addons plugin for WordPress is vulnerable to insufficient access control in the 'wpr_save_mega_menu_settings' AJAX action in versions up to, and including, 1.3.59. This allows any authenticated user, including those with subscriber-level permissions, to enable and modify Mega Menu settings for any m CVE project by @Sn0wAlice Create: 2023-01-15 08:08:44 +0000 UTC Push: 2023-01-15 08:08:47 +0000 UTC |

Live-Hack-CVE/CVE-2016-15017 A vulnerability has been found in fabarea media_upload and classified as critical. This vulnerability affects the function getUploadedFileList of the file Classes/Service/UploadFileService.php. The manipulation leads to pathname traversal. Upgrading to version 0.9.0 is able to address this issue. The name of the patch CVE project by @Sn0wAlice Create: 2023-01-15 08:08:39 +0000 UTC Push: 2023-01-15 08:08:42 +0000 UTC |

Live-Hack-CVE/CVE-2017-20167 A vulnerability, which was classified as problematic, was found in Minichan. This affects an unknown part of the file reports.php. The manipulation of the argument headline leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is fc0e732e58630cba318d6bf49d1388a7aa9d390e. I CVE project by @Sn0wAlice Create: 2023-01-15 05:55:38 +0000 UTC Push: 2023-01-15 05:55:39 +0000 UTC |

Live-Hack-CVE/CVE-2023-0301 Cross-site Scripting (XSS) - Stored in GitHub repository alfio-event/alf.io prior to Alf.io 2.0-M4-2301. CVE project by @Sn0wAlice Create: 2023-01-15 03:42:30 +0000 UTC Push: 2023-01-15 03:42:33 +0000 UTC |

Live-Hack-CVE/CVE-2023-0300 Cross-site Scripting (XSS) - Reflected in GitHub repository alfio-event/alf.io prior to 2.0-M4-2301. CVE project by @Sn0wAlice Create: 2023-01-15 03:42:26 +0000 UTC Push: 2023-01-15 03:42:29 +0000 UTC |

Live-Hack-CVE/CVE-2023-0299 Improper Input Validation in GitHub repository publify/publify prior to 9.2.10. CVE project by @Sn0wAlice Create: 2023-01-15 01:32:35 +0000 UTC Push: 2023-01-15 01:32:36 +0000 UTC |

pwneddr/-Sonic_CVE-2022-22274-_poc Create: 2023-01-15 01:15:53 +0000 UTC Push: 2023-01-15 01:15:54 +0000 UTC |

pwneddr/Sonic_CVE-2022-22274_poc Create: 2023-01-15 01:15:53 +0000 UTC Push: 2023-01-15 01:17:22 +0000 UTC |

Live-Hack-CVE/CVE-2022-2815 Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to 9.2.10. CVE project by @Sn0wAlice Create: 2023-01-14 23:18:56 +0000 UTC Push: 2023-01-14 23:18:59 +0000 UTC |

Live-Hack-CVE/CVE-2022-1812 Integer Overflow or Wraparound in GitHub repository publify/publify prior to 9.2.10. CVE project by @Sn0wAlice Create: 2023-01-14 23:18:52 +0000 UTC Push: 2023-01-14 23:18:55 +0000 UTC |

Live-Hack-CVE/CVE-2022-45353 Broken Access Control in Betheme theme <= 26.6.1 on WordPress. CVE project by @Sn0wAlice Create: 2023-01-14 22:12:03 +0000 UTC Push: 2023-01-14 22:12:05 +0000 UTC |