Live-Hack-CVE/CVE-2022-4821 A vulnerability classified as problematic was found in FlatPress. This vulnerability affects the function onupload of the file admin/panels/uploader/admin.uploader.php of the component XML File Handler/MD File Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the CVE project by @Sn0wAlice Create: 2023-01-06 14:13:54 +0000 UTC Push: 2023-01-06 14:13:57 +0000 UTC |

Live-Hack-CVE/CVE-2022-4820 A vulnerability classified as problematic has been found in FlatPress. This affects an unknown part of the file admin/panels/entry/admin.entry.list.php of the component Admin Area. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is 229752b51025e67837 CVE project by @Sn0wAlice Create: 2023-01-06 14:13:51 +0000 UTC Push: 2023-01-06 14:13:53 +0000 UTC |

Live-Hack-CVE/CVE-2022-4819 A vulnerability was found in HotCRP. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is d4ffdb0ef806453c54ddca7fdda3e5c60356285c. It is recommended to apply a patch to fix t CVE project by @Sn0wAlice Create: 2023-01-06 14:13:47 +0000 UTC Push: 2023-01-06 14:13:49 +0000 UTC |

Live-Hack-CVE/CVE-2020-36636 A vulnerability classified as problematic has been found in OpenMRS Admin UI Module up to 1.4.x. Affected is the function sendErrorMessage of the file omod/src/main/java/org/openmrs/module/adminui/page/controller/systemadmin/accounts/AccountPageController.java of the component Account Setup Handler. The manipulation le CVE project by @Sn0wAlice Create: 2023-01-06 14:13:42 +0000 UTC Push: 2023-01-06 14:13:45 +0000 UTC |

Live-Hack-CVE/CVE-2021-4291 A vulnerability was found in OpenMRS Admin UI Module up to 1.5.x. It has been declared as problematic. This vulnerability affects unknown code of the file omod/src/main/webapp/pages/metadata/locations/location.gsp. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to versio CVE project by @Sn0wAlice Create: 2023-01-06 14:13:38 +0000 UTC Push: 2023-01-06 14:13:41 +0000 UTC |

Live-Hack-CVE/CVE-2015-5521 Cross-site scripting (XSS) vulnerability in BlackCat CMS 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the name in a new group to backend/groups/index.php. CVE project by @Sn0wAlice Create: 2023-01-06 14:13:34 +0000 UTC Push: 2023-01-06 14:13:37 +0000 UTC |

Live-Hack-CVE/CVE-2022-25923 Versions of the package exec-local-bin before 1.2.0 are vulnerable to Command Injection via the theProcess() functionality due to improper user-input sanitization. CVE project by @Sn0wAlice Create: 2023-01-06 14:13:29 +0000 UTC Push: 2023-01-06 14:13:32 +0000 UTC |

Live-Hack-CVE/CVE-2022-42979 Information disclosure due to an insecure hostname validation in the RYDE application 5.8.43 for Android and iOS allows attackers to take over an account via a deep link. CVE project by @Sn0wAlice Create: 2023-01-06 14:13:25 +0000 UTC Push: 2023-01-06 14:13:28 +0000 UTC |

Live-Hack-CVE/CVE-2022-44870 A reflected cross-site scripting (XSS) vulnerability in maccms10 v2022.1000.3032 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the AD Management module. CVE project by @Sn0wAlice Create: 2023-01-06 14:13:21 +0000 UTC Push: 2023-01-06 14:13:24 +0000 UTC |

Live-Hack-CVE/CVE-2022-40049 SQL injection vulnerability in sourcecodester Theme Park Ticketing System 1.0 allows remote attackers to view sensitive information via the id parameter to the /tpts/manage_user.php page. CVE project by @Sn0wAlice Create: 2023-01-06 14:13:16 +0000 UTC Push: 2023-01-06 14:13:19 +0000 UTC |

111ddea/Xstream_cve-2022-41966 Create: 2023-01-06 10:37:07 +0000 UTC Push: 2023-01-06 10:37:08 +0000 UTC |

Live-Hack-CVE/CVE-2022-44877 RESERVED An issue in the /login/index.php component of Centos Web Panel 7 before v0.9.8.1147 allows unauthenticated attackers to execute arbitrary system commands via crafted HTTP requests. CVE project by @Sn0wAlice Create: 2023-01-06 09:46:29 +0000 UTC Push: 2023-01-06 09:46:32 +0000 UTC |

Live-Hack-CVE/CVE-2021-32828 The Nuxeo Platform is an open source content management platform for building business applications. In version 11.5.109, the `oauth2` REST API is vulnerable to Reflected Cross-Site Scripting (XSS). This XSS can be escalated to Remote Code Execution (RCE) by levering the automation API. CVE project by @Sn0wAlice Create: 2023-01-06 09:46:25 +0000 UTC Push: 2023-01-06 09:46:27 +0000 UTC |

Live-Hack-CVE/CVE-2022-4801 Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-06 09:46:21 +0000 UTC Push: 2023-01-06 09:46:23 +0000 UTC |

Live-Hack-CVE/CVE-2022-4800 Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-06 09:46:16 +0000 UTC Push: 2023-01-06 09:46:19 +0000 UTC |

Live-Hack-CVE/CVE-2022-4812 Comparison of Object References Instead of Object Contents in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-06 09:46:11 +0000 UTC Push: 2023-01-06 09:46:15 +0000 UTC |

Live-Hack-CVE/CVE-2022-4811 Improper Authorization in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-06 09:46:07 +0000 UTC Push: 2023-01-06 09:46:10 +0000 UTC |

Live-Hack-CVE/CVE-2022-4810 Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-06 09:46:02 +0000 UTC Push: 2023-01-06 09:46:05 +0000 UTC |

Live-Hack-CVE/CVE-2022-4809 Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-06 09:45:58 +0000 UTC Push: 2023-01-06 09:46:01 +0000 UTC |

Live-Hack-CVE/CVE-2022-4808 Improper Privilege Management in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-06 09:45:54 +0000 UTC Push: 2023-01-06 09:45:57 +0000 UTC |