sAsPeCt488/CVE-2022-46169-PoC PoC for CVE-2022-46169 - Unauthenticated RCE on Cacti <= 1.2.22 Create: 2023-01-06 00:56:06 +0000 UTC Push: 2023-01-06 00:59:04 +0000 UTC |

sAsPeCt488/CVE-2022-46169 PoC for CVE-2022-46169 - Unauthenticated RCE on Cacti <= 1.2.22 Create: 2023-01-06 00:56:06 +0000 UTC Push: 2023-01-06 09:22:54 +0000 UTC |

Live-Hack-CVE/CVE-2022-43533 A vulnerability in the ClearPass OnGuard macOS agent could allow malicious users on a macOS instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the macOS instance in Aruba ClearPass Policy Manager version(s): ClearPass Policy Ma CVE project by @Sn0wAlice Create: 2023-01-05 23:54:30 +0000 UTC Push: 2023-01-05 23:54:34 +0000 UTC |

Live-Hack-CVE/CVE-2022-4695 Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0. CVE project by @Sn0wAlice Create: 2023-01-05 23:54:18 +0000 UTC Push: 2023-01-05 23:54:20 +0000 UTC |

Live-Hack-CVE/CVE-2022-4694 Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0. CVE project by @Sn0wAlice Create: 2023-01-05 23:54:13 +0000 UTC Push: 2023-01-05 23:54:16 +0000 UTC |

Live-Hack-CVE/CVE-2022-4691 Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0. CVE project by @Sn0wAlice Create: 2023-01-05 23:54:08 +0000 UTC Push: 2023-01-05 23:54:12 +0000 UTC |

Live-Hack-CVE/CVE-2022-45995 There is an unauthorized buffer overflow vulnerability in Tenda AX12 v22.03.01.21 _ cn. This vulnerability can cause the web service not to restart or even execute arbitrary code. It is a different vulnerability from CVE-2022-2414. CVE project by @Sn0wAlice Create: 2023-01-05 23:54:02 +0000 UTC Push: 2023-01-05 23:54:06 +0000 UTC |

Live-Hack-CVE/CVE-2015-10014 A vulnerability classified as critical has been found in arekk uke. This affects an unknown part of the file lib/uke/finder.rb. The manipulation leads to sql injection. The name of the patch is 52fd3b2d0bc16227ef57b7b98a3658bb67c1833f. It is recommended to apply a patch to fix this issue. The identifier VDB-217485 was CVE project by @Sn0wAlice Create: 2023-01-05 23:53:58 +0000 UTC Push: 2023-01-05 23:54:01 +0000 UTC |

Live-Hack-CVE/CVE-2014-125040 A vulnerability was found in stevejagodzinski DevNewsAggregator. It has been rated as critical. Affected by this issue is the function getByName of the file php/data_access/RemoteHtmlContentDataAccess.php. The manipulation of the argument name leads to sql injection. The name of the patch is b9de907e7a8c9ca9d75295da675 CVE project by @Sn0wAlice Create: 2023-01-05 23:53:53 +0000 UTC Push: 2023-01-05 23:53:56 +0000 UTC |

Live-Hack-CVE/CVE-2022-4720 Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5. CVE project by @Sn0wAlice Create: 2023-01-05 23:53:46 +0000 UTC Push: 2023-01-05 23:53:49 +0000 UTC |

Live-Hack-CVE/CVE-2022-4723 Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.5. CVE project by @Sn0wAlice Create: 2023-01-05 23:53:41 +0000 UTC Push: 2023-01-05 23:53:44 +0000 UTC |

Live-Hack-CVE/CVE-2022-4722 Authentication Bypass by Primary Weakness in GitHub repository ikus060/rdiffweb prior to 2.5.5. CVE project by @Sn0wAlice Create: 2023-01-05 23:53:36 +0000 UTC Push: 2023-01-05 23:53:40 +0000 UTC |

Live-Hack-CVE/CVE-2022-4719 Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.5. CVE project by @Sn0wAlice Create: 2023-01-05 23:53:32 +0000 UTC Push: 2023-01-05 23:53:35 +0000 UTC |

Live-Hack-CVE/CVE-2022-4721 Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository ikus060/rdiffweb prior to 2.5.5. CVE project by @Sn0wAlice Create: 2023-01-05 23:53:27 +0000 UTC Push: 2023-01-05 23:53:31 +0000 UTC |

Live-Hack-CVE/CVE-2021-4305 A vulnerability was found in Woorank robots-txt-guard. It has been rated as problematic. Affected by this issue is the function makePathPattern of the file lib/patterns.js. The manipulation of the argument pattern leads to inefficient regular expression complexity. The exploit has been disclosed to the public and may b CVE project by @Sn0wAlice Create: 2023-01-05 21:43:22 +0000 UTC Push: 2023-01-05 21:43:25 +0000 UTC |

Live-Hack-CVE/CVE-2020-36641 A vulnerability classified as problematic was found in gturri aXMLRPC up to 1.12.0. This vulnerability affects the function ResponseParser of the file src/main/java/de/timroes/axmlrpc/ResponseParser.java. The manipulation leads to xml external entity reference. Upgrading to version 1.12.1 is able to address this issue. CVE project by @Sn0wAlice Create: 2023-01-05 21:43:16 +0000 UTC Push: 2023-01-05 21:43:20 +0000 UTC |

Live-Hack-CVE/CVE-2017-20162 A vulnerability, which was classified as problematic, has been found in vercel ms up to 1.x. This issue affects the function parse of the file index.js. The manipulation of the argument str leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has been disclosed to the pu CVE project by @Sn0wAlice Create: 2023-01-05 21:43:12 +0000 UTC Push: 2023-01-05 21:43:15 +0000 UTC |

Live-Hack-CVE/CVE-2007-10001 A vulnerability classified as problematic has been found in web-cyradm. This affects an unknown part of the file search.php. The manipulation of the argument searchstring leads to sql injection. It is recommended to apply a patch to fix this issue. The identifier VDB-217449 was assigned to this vulnerability. CVE project by @Sn0wAlice Create: 2023-01-05 21:43:07 +0000 UTC Push: 2023-01-05 21:43:10 +0000 UTC |

Live-Hack-CVE/CVE-2022-43532 A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's bro CVE project by @Sn0wAlice Create: 2023-01-05 19:33:19 +0000 UTC Push: 2023-01-05 19:33:22 +0000 UTC |

Live-Hack-CVE/CVE-2022-43529 A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an remote attacker to persist a session after a password reset or similar session clearing event. Successful exploitation of this vulnerability could allow an authenticated attacker to remain on the system wit CVE project by @Sn0wAlice Create: 2023-01-05 19:33:16 +0000 UTC Push: 2023-01-05 19:33:18 +0000 UTC |