Live-Hack-CVE/CVE-2019-25072 Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a significant amount of system resources, which may be used as a denial of service vector. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:05 +0000 UTC Push: 2023-01-07 02:14:07 +0000 UTC |

Live-Hack-CVE/CVE-2021-4295 A vulnerability classified as problematic was found in ONC code-validator-api up to 1.0.30. This vulnerability affects the function vocabularyValidationConfigurations of the file src/main/java/org/sitenv/vocabularies/configuration/CodeValidatorApiConfiguration.java of the component XML Handler. The manipulation leads t CVE project by @Sn0wAlice Create: 2023-01-07 02:14:00 +0000 UTC Push: 2023-01-07 02:14:03 +0000 UTC |

Live-Hack-CVE/CVE-2018-25050 A vulnerability, which was classified as problematic, has been found in Harvest Chosen up to 1.8.6. Affected by this issue is the function AbstractChosen of the file coffee/lib/abstract-chosen.coffee. The manipulation of the argument group_label leads to cross site scripting. The attack may be launched remotely. Upgrad CVE project by @Sn0wAlice Create: 2023-01-07 02:13:56 +0000 UTC Push: 2023-01-07 02:13:59 +0000 UTC |

Live-Hack-CVE/CVE-2019-25073 Improper path santiziation in github.com/goadesign/goa before v3.0.9, v2.0.10, or v1.4.3 allow remote attackers to read files outside of the intended directory. CVE project by @Sn0wAlice Create: 2023-01-07 02:13:51 +0000 UTC Push: 2023-01-07 02:13:54 +0000 UTC |

Live-Hack-CVE/CVE-2020-36559 Due to improper santization of user input, HTTPEngine.Handle allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read. CVE project by @Sn0wAlice Create: 2023-01-07 02:13:47 +0000 UTC Push: 2023-01-07 02:13:50 +0000 UTC |

komomon/CVE-2022-44877-RCE CVE-2022-44877 Centos Web Panel 7 Unauthenticated Remote Code Execution Create: 2023-01-07 00:53:51 +0000 UTC Push: 2023-01-07 00:53:52 +0000 UTC |

Live-Hack-CVE/CVE-2019-25099 A vulnerability classified as critical was found in Arthmoor QSF-Portal. This vulnerability affects unknown code of the file index.php. The manipulation of the argument a leads to path traversal. The name of the patch is ea4f61e23ecb83247d174bc2e2cbab521c751a7d. It is recommended to apply a patch to fix this issue. VDB CVE project by @Sn0wAlice Create: 2023-01-07 00:03:08 +0000 UTC Push: 2023-01-07 00:03:11 +0000 UTC |

Live-Hack-CVE/CVE-2015-10018 A vulnerability has been found in DBRisinajumi d2files and classified as critical. Affected by this vulnerability is the function actionUpload/actionDownloadFile of the file controllers/D2filesController.php. The manipulation leads to sql injection. Upgrading to version 1.0.0 is able to address this issue. The name of CVE project by @Sn0wAlice Create: 2023-01-07 00:03:03 +0000 UTC Push: 2023-01-07 00:03:07 +0000 UTC |

Live-Hack-CVE/CVE-2014-125049 ** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in typcn Blogile. Affected is the function getNav of the file server.js. The manipulation of the argument query leads to sql injection. The name of the patch is cfec31043b562ffefe29fe01af6d3c5ed1 CVE project by @Sn0wAlice Create: 2023-01-07 00:02:59 +0000 UTC Push: 2023-01-07 00:03:02 +0000 UTC |

Live-Hack-CVE/CVE-2014-125048 A vulnerability, which was classified as critical, has been found in kassi xingwall. This issue affects some unknown processing of the file app/controllers/oauth.js. The manipulation leads to session fixiation. The name of the patch is e9f0d509e1408743048e29d9c099d36e0e1f6ae7. It is recommended to apply a patch to fix CVE project by @Sn0wAlice Create: 2023-01-07 00:02:54 +0000 UTC Push: 2023-01-07 00:02:57 +0000 UTC |

Live-Hack-CVE/CVE-2018-25057 A vulnerability was found in simple_php_link_shortener. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument $link["id"] leads to sql injection. The name of the patch is b26ac6480761635ed94ccb0222ba6b732de6e53f. It is recommended to apply a patch to CVE project by @Sn0wAlice Create: 2023-01-07 00:02:47 +0000 UTC Push: 2023-01-07 00:02:51 +0000 UTC |

Live-Hack-CVE/CVE-2022-3156 A remote code execution vulnerability exists in Rockwell Automation Studio 5000 Logix Emulate software. Users are granted elevated permissions on certain product services when the software is installed. Due to this misconfiguration, a malicious user could potentially achieve remote code execution on the targeted softwa CVE project by @Sn0wAlice Create: 2023-01-07 00:02:29 +0000 UTC Push: 2023-01-07 00:02:33 +0000 UTC |

Live-Hack-CVE/CVE-2020-36567 Unsanitized input in the default logger in github.com/gin-gonic/gin before v1.6.0 allows remote attackers to inject arbitrary log lines. CVE project by @Sn0wAlice Create: 2023-01-07 00:02:25 +0000 UTC Push: 2023-01-07 00:02:28 +0000 UTC |

Live-Hack-CVE/CVE-2013-10005 The RemoteAddr and LocalAddr methods on the returned net.Conn may call themselves, leading to an infinite loop which will crash the program due to a stack overflow. CVE project by @Sn0wAlice Create: 2023-01-07 00:02:20 +0000 UTC Push: 2023-01-07 00:02:24 +0000 UTC |

Live-Hack-CVE/CVE-2022-4879 A vulnerability was found in Forged Alliance Forever up to 3746. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Vote Handler. The manipulation leads to improper authorization. Upgrading to version 3747 is able to address this issue. The name of the patch is CVE project by @Sn0wAlice Create: 2023-01-06 21:51:57 +0000 UTC Push: 2023-01-06 21:52:01 +0000 UTC |

Live-Hack-CVE/CVE-2020-36642 A vulnerability was found in trampgeek jobe up to 1.6.x and classified as critical. This issue affects the function run_in_sandbox of the file application/libraries/LanguageTask.php. The manipulation leads to command injection. Upgrading to version 1.7.0 is able to address this issue. The name of the patch is 8f43daf50 CVE project by @Sn0wAlice Create: 2023-01-06 21:51:53 +0000 UTC Push: 2023-01-06 21:51:56 +0000 UTC |

Live-Hack-CVE/CVE-2018-25066 A vulnerability was found in PeterMu nodebatis up to 2.1.x. It has been classified as critical. Affected is an unknown function. The manipulation leads to sql injection. Upgrading to version 2.2.0 is able to address this issue. The name of the patch is 6629ff5b7e3d62ad8319007a54589ec1f62c7c35. It is recommended to upgr CVE project by @Sn0wAlice Create: 2023-01-06 21:51:48 +0000 UTC Push: 2023-01-06 21:51:51 +0000 UTC |

Live-Hack-CVE/CVE-2015-10017 A vulnerability has been found in HPI-Information-Systems ProLOD and classified as critical. This vulnerability affects unknown code. The manipulation of the argument this leads to sql injection. The name of the patch is 3f710905458d49c77530bd3cbcd8960457566b73. It is recommended to apply a patch to fix this issue. The CVE project by @Sn0wAlice Create: 2023-01-06 21:51:44 +0000 UTC Push: 2023-01-06 21:51:47 +0000 UTC |

Live-Hack-CVE/CVE-2014-125047 A vulnerability classified as critical has been found in tbezman school-store. This affects an unknown part. The manipulation leads to sql injection. The name of the patch is 2957fc97054216d3a393f1775efd01ae2b072001. It is recommended to apply a patch to fix this issue. The identifier VDB-217557 was assigned to this vu CVE project by @Sn0wAlice Create: 2023-01-06 21:51:40 +0000 UTC Push: 2023-01-06 21:51:43 +0000 UTC |

kriso4os/CVE-2018-25031 Create: 2023-01-06 19:58:15 +0000 UTC Push: 2023-01-06 19:58:16 +0000 UTC |