Live-Hack-CVE/CVE-2022-43762 Lack of verification in B&R APROL Tbase server versions < R 4.2-07 may lead to memory leaks when receiving messages CVE project by @Sn0wAlice Create: 2023-02-08 21:51:08 +0000 UTC Push: 2023-02-08 21:51:11 +0000 UTC |

pierpaolosestito-dev/Log4Shell-CVE-2021-44228-PoC Create: 2023-02-08 20:19:32 +0000 UTC Push: 2023-02-08 20:20:31 +0000 UTC |

Live-Hack-CVE/CVE-2021-3958 Improper Handling of Parameters vulnerability in Ipack Automation Systems Ipack SCADA Software allows : Blind SQL Injection.This issue affects Ipack SCADA Software: from unspecified before 1.1.0. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:29 +0000 UTC Push: 2023-02-08 19:37:32 +0000 UTC |

Live-Hack-CVE/CVE-2023-0744 Improper Access Control in GitHub repository answerdev/answer prior to 1.0.4. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:25 +0000 UTC Push: 2023-02-08 19:37:28 +0000 UTC |

Live-Hack-CVE/CVE-2023-0743 Cross-site Scripting (XSS) - Generic in GitHub repository answerdev/answer prior to 1.0.4. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:20 +0000 UTC Push: 2023-02-08 19:37:24 +0000 UTC |

Live-Hack-CVE/CVE-2023-0742 Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:17 +0000 UTC Push: 2023-02-08 19:37:19 +0000 UTC |

Live-Hack-CVE/CVE-2023-0741 Cross-site Scripting (XSS) - DOM in GitHub repository answerdev/answer prior to 1.0.4. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:13 +0000 UTC Push: 2023-02-08 19:37:16 +0000 UTC |

Live-Hack-CVE/CVE-2023-0740 Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:08 +0000 UTC Push: 2023-02-08 19:37:12 +0000 UTC |

Live-Hack-CVE/CVE-2022-43761 Missing authentication when creating and managing the B&R APROL database in versions < R 4.2-07 allows reading and changing the system configuration. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:04 +0000 UTC Push: 2023-02-08 19:37:06 +0000 UTC |

Live-Hack-CVE/CVE-2022-2094 The Yellow Yard Searchbar WordPress plugin before 2.8.2 does not escape some URL parameters before outputting them back to the user, leading to Reflected Cross-Site Scripting CVE project by @Sn0wAlice Create: 2023-02-08 19:37:00 +0000 UTC Push: 2023-02-08 19:37:02 +0000 UTC |

Live-Hack-CVE/CVE-2023-0726 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_edit_folder function. This makes it possible for unauthenticated attackers to invoke this function via forged request granted th CVE project by @Sn0wAlice Create: 2023-02-08 15:13:33 +0000 UTC Push: 2023-02-08 15:13:35 +0000 UTC |

Live-Hack-CVE/CVE-2023-0725 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_clone_folder function. This makes it possible for unauthenticated attackers to invoke this function via forged request granted t CVE project by @Sn0wAlice Create: 2023-02-08 15:13:30 +0000 UTC Push: 2023-02-08 15:13:32 +0000 UTC |

Live-Hack-CVE/CVE-2023-0724 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_add_folder function. This makes it possible for unauthenticated attackers to invoke this function via forged request granted the CVE project by @Sn0wAlice Create: 2023-02-08 15:13:26 +0000 UTC Push: 2023-02-08 15:13:28 +0000 UTC |

Live-Hack-CVE/CVE-2023-0722 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_save_state function. This makes it possible for unauthenticated attackers to invoke this function via forged request granted the CVE project by @Sn0wAlice Create: 2023-02-08 15:13:22 +0000 UTC Push: 2023-02-08 15:13:25 +0000 UTC |

Live-Hack-CVE/CVE-2023-0720 The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_save_folder_order function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke this function and p CVE project by @Sn0wAlice Create: 2023-02-08 15:13:19 +0000 UTC Push: 2023-02-08 15:13:21 +0000 UTC |

Live-Hack-CVE/CVE-2023-0717 The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_delete_folder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke this function and perfo CVE project by @Sn0wAlice Create: 2023-02-08 15:13:15 +0000 UTC Push: 2023-02-08 15:13:17 +0000 UTC |

Live-Hack-CVE/CVE-2023-0716 The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_edit_folder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke this function and perform CVE project by @Sn0wAlice Create: 2023-02-08 15:13:12 +0000 UTC Push: 2023-02-08 15:13:14 +0000 UTC |

Live-Hack-CVE/CVE-2023-0715 The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_clone_folder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke this function and perfor CVE project by @Sn0wAlice Create: 2023-02-08 15:13:08 +0000 UTC Push: 2023-02-08 15:13:10 +0000 UTC |

Live-Hack-CVE/CVE-2023-0711 The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_save_state function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke this function and perform CVE project by @Sn0wAlice Create: 2023-02-08 15:13:04 +0000 UTC Push: 2023-02-08 15:13:07 +0000 UTC |

Live-Hack-CVE/CVE-2023-0685 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_unassign_folders function. This makes it possible for unauthenticated attackers to invoke this function via forged request grant CVE project by @Sn0wAlice Create: 2023-02-08 15:13:01 +0000 UTC Push: 2023-02-08 15:13:03 +0000 UTC |