Live-Hack-CVE/CVE-2021-32163 Authentication vulnerability in MOSN v.0.23.0 allows attacker to escalate privileges via case-sensitive JWT authorization. CVE project by @Sn0wAlice Create: 2023-02-18 04:01:49 +0000 UTC Push: 2023-02-18 04:01:51 +0000 UTC |

Live-Hack-CVE/CVE-2020-19824 An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the ao_c parameter. CVE project by @Sn0wAlice Create: 2023-02-18 04:01:45 +0000 UTC Push: 2023-02-18 04:01:47 +0000 UTC |

Live-Hack-CVE/CVE-2022-45766 Hardcoded credentials in Global Facilities Management Software (GFMS) Version 3 software distributed by Key Systems Management permits remote attackers to impact availability, confidentiality, accessibility and dependability of electronic key boxes. CVE project by @Sn0wAlice Create: 2023-02-18 04:01:41 +0000 UTC Push: 2023-02-18 04:01:44 +0000 UTC |

Live-Hack-CVE/CVE-2023-0777 Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4. CVE project by @Sn0wAlice Create: 2023-02-18 04:01:37 +0000 UTC Push: 2023-02-18 04:01:39 +0000 UTC |

and0x00/CVE-2021-32789 ? Wordpress WooCommerce users dump exploit Create: 2023-02-18 03:51:24 +0000 UTC Push: 2023-02-18 03:51:25 +0000 UTC |

Live-Hack-CVE/CVE-2023-24388 Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin <= 3.2.3 versions affects plugin forms actions (create, duplicate, edit, delete). CVE project by @Sn0wAlice Create: 2023-02-18 01:48:14 +0000 UTC Push: 2023-02-18 01:48:17 +0000 UTC |

Live-Hack-CVE/CVE-2023-24329 An issue in the urllib.parse component of Python before v3.11 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. CVE project by @Sn0wAlice Create: 2023-02-18 01:48:11 +0000 UTC Push: 2023-02-18 01:48:12 +0000 UTC |

Live-Hack-CVE/CVE-2023-23899 Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Extensions For CF7 plugin <= 2.0.8 versions leads to arbitrary plugin activation. CVE project by @Sn0wAlice Create: 2023-02-18 01:48:07 +0000 UTC Push: 2023-02-18 01:48:10 +0000 UTC |

Live-Hack-CVE/CVE-2022-45701 Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature. CVE project by @Sn0wAlice Create: 2023-02-18 01:48:04 +0000 UTC Push: 2023-02-18 01:48:06 +0000 UTC |

Live-Hack-CVE/CVE-2020-29168 SQL Injection vulnerability in Projectworlds Online Doctor Appointment Booking System, allows attackers to gain sensitive information via the q parameter to the getuser.php endpoint. CVE project by @Sn0wAlice Create: 2023-02-18 01:48:00 +0000 UTC Push: 2023-02-18 01:48:02 +0000 UTC |

Live-Hack-CVE/CVE-2023-21431 Improper input validation in Bixby Vision prior to version 3.7.70.17 allows attacker to access data of Bixby Vision. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:55 +0000 UTC Push: 2023-02-18 01:47:58 +0000 UTC |

Live-Hack-CVE/CVE-2023-21433 Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:52 +0000 UTC Push: 2023-02-18 01:47:54 +0000 UTC |

Live-Hack-CVE/CVE-2023-21443 Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows adjacent attackers to decrypt encrypted messages or inject commands. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:49 +0000 UTC Push: 2023-02-18 01:47:51 +0000 UTC |

Live-Hack-CVE/CVE-2023-21444 Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers to decrypt encrypted messages or inject commands. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:45 +0000 UTC Push: 2023-02-18 01:47:47 +0000 UTC |

Live-Hack-CVE/CVE-2023-21447 Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information with Samsung Cloud's privilege via implicit intent. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:41 +0000 UTC Push: 2023-02-18 01:47:44 +0000 UTC |

Live-Hack-CVE/CVE-2023-21448 Path traversal vulnerability in Samsung Cloud prior to version 5.3.0.32 allows attacker to access specific png file. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:38 +0000 UTC Push: 2023-02-18 01:47:40 +0000 UTC |

Live-Hack-CVE/CVE-2023-21450 Missing Authorization vulnerability in One Hand Operation + prior to version 6.1.21 allows multi-users to access owner's widget without authorization via gesture setting. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:34 +0000 UTC Push: 2023-02-18 01:47:37 +0000 UTC |

Live-Hack-CVE/CVE-2023-23007 An issue was discovered in ESPCMS P8.21120101 after logging in to the background, there is a SQL injection vulnerability in the function node where members are added. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:29 +0000 UTC Push: 2023-02-18 01:47:31 +0000 UTC |

Live-Hack-CVE/CVE-2022-47986 IBM Aspera Faspex 4.4.1 could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary code on the system. The obsolete API call was removed in Faspex 4.4.2 CVE project by @Sn0wAlice Create: 2023-02-18 01:47:25 +0000 UTC Push: 2023-02-18 01:47:27 +0000 UTC |

Live-Hack-CVE/CVE-2023-23592 WALLIX Access Manager 3.x through 4.0.x allows a remote attacker to access sensitive information. CVE project by @Sn0wAlice Create: 2023-02-18 01:47:21 +0000 UTC Push: 2023-02-18 01:47:24 +0000 UTC |