Vulnmachines/imagemagick-CVE-2022-44268 Imagemagick CVE-2022-44268 Create: 2023-02-06 18:45:42 +0000 UTC Push: 2023-02-06 18:45:42 +0000 UTC |

Live-Hack-CVE/CVE-2017-20176 A vulnerability classified as problematic was found in ciubotaru share-on-diaspora 0.7.9. This vulnerability affects unknown code of the file new_window.php. The manipulation of the argument title/url leads to cross site scripting. The attack can be initiated remotely. The name of the patch is fb6fae2f8a9b146471450b5b0 CVE project by @Sn0wAlice Create: 2023-02-06 14:31:13 +0000 UTC Push: 2023-02-06 14:31:15 +0000 UTC |

Live-Hack-CVE/CVE-2014-125086 A vulnerability has been found in Gimmie Plugin 1.2.2 and classified as critical. Affected by this vulnerability is an unknown functionality of the file trigger_login.php. The manipulation of the argument userid leads to sql injection. Upgrading to version 1.3.0 is able to address this issue. The name of the patch is f CVE project by @Sn0wAlice Create: 2023-02-06 14:31:09 +0000 UTC Push: 2023-02-06 14:31:11 +0000 UTC |

Live-Hack-CVE/CVE-2022-25855 All versions of the package create-choo-app3 are vulnerable to Command Injection via the devInstall function due to improper user-input sanitization. CVE project by @Sn0wAlice Create: 2023-02-06 14:31:06 +0000 UTC Push: 2023-02-06 14:31:08 +0000 UTC |

Live-Hack-CVE/CVE-2022-25853 All versions of the package semver-tags are vulnerable to Command Injection via the getGitTagsRemote function due to improper input sanitization. CVE project by @Sn0wAlice Create: 2023-02-06 14:31:02 +0000 UTC Push: 2023-02-06 14:31:04 +0000 UTC |

Timorlover/CVE-2023-23333 There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php. Create: 2023-02-06 14:20:40 +0000 UTC Push: 2023-02-06 14:20:41 +0000 UTC |

hieuminhnv/CVE-2022-21587-POC- CVE-2022-21587 POC Create: 2023-02-06 12:18:24 +0000 UTC Push: 2023-02-06 12:18:25 +0000 UTC |

hieuminhnv/CVE-2022-21587-POC CVE-2022-21587 POC Create: 2023-02-06 12:18:24 +0000 UTC Push: 2023-02-06 12:30:10 +0000 UTC |

Live-Hack-CVE/CVE-2014-125085 A vulnerability, which was classified as critical, was found in Gimmie Plugin 1.2.2. Affected is an unknown function of the file trigger_ratethread.php. The manipulation of the argument t/postusername leads to sql injection. Upgrading to version 1.3.0 is able to address this issue. The name of the patch is f11a136e9cbd CVE project by @Sn0wAlice Create: 2023-02-06 09:56:55 +0000 UTC Push: 2023-02-06 09:56:57 +0000 UTC |

Live-Hack-CVE/CVE-2014-125084 A vulnerability, which was classified as critical, has been found in Gimmie Plugin 1.2.2. This issue affects some unknown processing of the file trigger_referral.php. The manipulation of the argument referrername leads to sql injection. Upgrading to version 1.3.0 is able to address this issue. The name of the patch is CVE project by @Sn0wAlice Create: 2023-02-06 09:56:51 +0000 UTC Push: 2023-02-06 09:56:53 +0000 UTC |

Live-Hack-CVE/CVE-2015-0252 internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data. CVE project by @Sn0wAlice Create: 2023-02-06 07:43:09 +0000 UTC Push: 2023-02-06 07:43:11 +0000 UTC |

Live-Hack-CVE/CVE-2018-1311 The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standar CVE project by @Sn0wAlice Create: 2023-02-06 07:43:06 +0000 UTC Push: 2023-02-06 07:43:08 +0000 UTC |

l00neyhacker/CVE-2021-35287 CVE-2021-35287 Create: 2023-02-06 06:37:02 +0000 UTC Push: 2023-02-06 06:37:03 +0000 UTC |

l00neyhacker/CVE-2021-35286 CVE-2021-35286 Create: 2023-02-06 06:35:04 +0000 UTC Push: 2023-02-06 06:35:05 +0000 UTC |

0xFTW/CVE-2011-2523 CVE-2011-2523 exploit Create: 2023-02-06 06:17:34 +0000 UTC Push: 2023-02-06 06:17:34 +0000 UTC |

tristao-marinho/CVE-2022-45544 SCHLIX CMS 2.2.7-2 arbitrary File Upload Create: 2023-02-06 05:45:37 +0000 UTC Push: 2023-02-06 05:45:38 +0000 UTC |

Live-Hack-CVE/CVE-2017-20175 A vulnerability classified as problematic has been found in DaSchTour matomo-mediawiki-extension up to 2.4.2. This affects an unknown part of the file Piwik.hooks.php of the component Username Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been d CVE project by @Sn0wAlice Create: 2023-02-06 05:32:46 +0000 UTC Push: 2023-02-06 05:32:49 +0000 UTC |

voidz0r/CVE-2022-44268 A PoC for the CVE-2022-44268 - ImageMagick arbitrary file read Create: 2023-02-06 02:42:27 +0000 UTC Push: 2023-02-06 03:20:26 +0000 UTC |

dumitory-dev/CVE-2020-35391-POC Tenda N300 Authentication Bypass via Malformed HTTP Eequest Header Create: 2023-02-05 21:42:55 +0000 UTC Push: 2023-02-05 21:42:58 +0000 UTC |

Live-Hack-CVE/CVE-2023-22849 An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Sling App CMS version 1.1.4 and prior may allow an authenticated remote attacker to perform a reflected cross-site scripting (XSS) attack in multiple features. Upgrade to Apache Sling App CMS >= 1.1.6 CVE project by @Sn0wAlice Create: 2023-02-05 07:33:13 +0000 UTC Push: 2023-02-05 07:33:15 +0000 UTC |