unSafe.sh - Unsafe
Github CVE
Live-Hack-CVE/CVE-2017-20150
A vulnerability was found in challenge website. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. The name of the patch is f1644b1d3502e5aa5284f31ea80d2623817f4d42. It is recommended to apply a patch to fix this issue. The identifier VDB-216989 was assig CVE project by @Sn0wAlice
Create: 2023-01-07 03:20:17 +0000 UTC Push: 2023-01-07 03:20:20 +0000 UTC |
Live-Hack-CVE/CVE-2022-23555
authentik is an open-source Identity Provider focused on flexibility and versatility. Versions prior to 2022.11.4 and 2022.10.4 are vulnerable to Improper Authentication. Token reuse in invitation URLs leads to access control bypass via the use of a different enrollment flow than in the one provided. The vulnerability CVE project by @Sn0wAlice
Create: 2023-01-07 03:20:12 +0000 UTC Push: 2023-01-07 03:20:15 +0000 UTC |
Live-Hack-CVE/CVE-2022-4823
A vulnerability, which was classified as problematic, was found in InSTEDD Nuntium. Affected is an unknown function of the file app/controllers/geopoll_controller.rb. The manipulation of the argument signature leads to observable timing discrepancy. It is possible to launch the attack remotely. The name of the patch is CVE project by @Sn0wAlice
Create: 2023-01-07 03:20:08 +0000 UTC Push: 2023-01-07 03:20:11 +0000 UTC |
Live-Hack-CVE/CVE-2022-4860
A vulnerability was found in KBase Metrics. It has been classified as critical. This affects the function upload_user_data of the file source/daily_cron_jobs/methods_upload_user_stats.py. The manipulation leads to sql injection. The name of the patch is 959dfb6b05991e30b0fa972a1ecdcaae8e1dae6d. It is recommended to app CVE project by @Sn0wAlice
Create: 2023-01-07 03:20:04 +0000 UTC Push: 2023-01-07 03:20:07 +0000 UTC |
Live-Hack-CVE/CVE-2022-4861
Incorrect implementation in authentication protocol in M-Files Client before 22.5.11356.0 allows high privileged user to get other users tokens to another resource. CVE project by @Sn0wAlice
Create: 2023-01-07 03:20:00 +0000 UTC Push: 2023-01-07 03:20:03 +0000 UTC |
viardant/CVE-2022-0739
Exploit for WP BookingPress (< 1.0.11) based on destr4ct POC.
Create: 2023-01-07 03:07:11 +0000 UTC Push: 2023-01-07 03:07:12 +0000 UTC |
Live-Hack-CVE/CVE-2020-7118
CVE was unused by HPE. CVE project by @Sn0wAlice
Create: 2023-01-07 02:15:05 +0000 UTC Push: 2023-01-07 02:15:09 +0000 UTC |
Live-Hack-CVE/CVE-2020-7112
CVE was unused by HPE. CVE project by @Sn0wAlice
Create: 2023-01-07 02:15:01 +0000 UTC Push: 2023-01-07 02:15:04 +0000 UTC |
Live-Hack-CVE/CVE-2020-24645
CVE was unused by HPE. CVE project by @Sn0wAlice
Create: 2023-01-07 02:14:57 +0000 UTC Push: 2023-01-07 02:15:00 +0000 UTC |
Live-Hack-CVE/CVE-2020-24644
CVE was unused by HPE. CVE project by @Sn0wAlice
Create: 2023-01-07 02:14:52 +0000 UTC Push: 2023-01-07 02:14:56 +0000 UTC |
Live-Hack-CVE/CVE-2020-24643
CVE was unused by HPE. CVE project by @Sn0wAlice
Create: 2023-01-07 02:14:48 +0000 UTC Push: 2023-01-07 02:14:51 +0000 UTC |
Live-Hack-CVE/CVE-2020-24642
CVE was unused by HPE. CVE project by @Sn0wAlice
Create: 2023-01-07 02:14:43 +0000 UTC Push: 2023-01-07 02:14:47 +0000 UTC |
Live-Hack-CVE/CVE-2019-5325
CVE was unused by HPE. CVE project by @Sn0wAlice
Create: 2023-01-07 02:14:40 +0000 UTC Push: 2023-01-07 02:14:42 +0000 UTC |
Live-Hack-CVE/CVE-2019-5316
CVE was unused by HPE. CVE project by @Sn0wAlice
Create: 2023-01-07 02:14:35 +0000 UTC Push: 2023-01-07 02:14:39 +0000 UTC |
Live-Hack-CVE/CVE-2019-5313
CVE was unused by HPE. CVE project by @Sn0wAlice
Create: 2023-01-07 02:14:31 +0000 UTC Push: 2023-01-07 02:14:34 +0000 UTC |
Live-Hack-CVE/CVE-2016-15005
CSRF tokens are generated using math/rand, which is not a cryptographically secure random number generator, making predicting their values relatively trivial and allowing an attacker to bypass CSRF protections with relatively few requests. CVE project by @Sn0wAlice
Create: 2023-01-07 02:14:27 +0000 UTC Push: 2023-01-07 02:14:30 +0000 UTC |
Live-Hack-CVE/CVE-2017-20146
Usage of the CORS handler may apply improper CORS headers, allowing the requester to explicitly control the value of the Access-Control-Allow-Origin header, which bypasses the expected behavior of the Same Origin Policy. CVE project by @Sn0wAlice
Create: 2023-01-07 02:14:22 +0000 UTC Push: 2023-01-07 02:14:25 +0000 UTC |
Live-Hack-CVE/CVE-2018-25046
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory. CVE project by @Sn0wAlice
Create: 2023-01-07 02:14:17 +0000 UTC Push: 2023-01-07 02:14:21 +0000 UTC |
Live-Hack-CVE/CVE-2019-25091
A vulnerability classified as problematic has been found in nsupdate.info. This affects an unknown part of the file src/nsupdate/settings/base.py of the component CSRF Cookie Handler. The manipulation of the argument CSRF_COOKIE_HTTPONLY leads to cookie without 'httponly' flag. It is possible to initiate the attack rem CVE project by @Sn0wAlice
Create: 2023-01-07 02:14:13 +0000 UTC Push: 2023-01-07 02:14:16 +0000 UTC |
Live-Hack-CVE/CVE-2021-4296
A vulnerability, which was classified as problematic, has been found in w3c Unicorn. This issue affects the function ValidatorNuMessage of the file src/org/w3c/unicorn/response/impl/ValidatorNuMessage.java. The manipulation of the argument message leads to cross site scripting. The attack may be initiated remotely. The CVE project by @Sn0wAlice
Create: 2023-01-07 02:14:08 +0000 UTC Push: 2023-01-07 02:14:11 +0000 UTC |