Live-Hack-CVE/CVE-2022-41620 Cross-Site Request Forgery (CSRF) vulnerability in SeoSamba for WordPress Webmasters plugin <= 1.0.5 versions. CVE project by @Sn0wAlice Create: 2023-02-09 00:01:44 +0000 UTC Push: 2023-02-09 00:01:47 +0000 UTC |

Live-Hack-CVE/CVE-2022-43765 B&R APROL versions < R 4.2-07 doesn’t process correctly specially formatted data packages sent to port 55502/tcp, which may allow a network based attacker to cause an application Denial-of-Service. CVE project by @Sn0wAlice Create: 2023-02-08 21:51:20 +0000 UTC Push: 2023-02-08 21:51:23 +0000 UTC |

Live-Hack-CVE/CVE-2022-43764 Insufficient validation of input parameters when changing configuration on Tbase server in B&R APROL versions < R 4.2-07 could result in buffer overflow. This may lead to Denial-of-Service conditions or execution of arbitrary code. CVE project by @Sn0wAlice Create: 2023-02-08 21:51:16 +0000 UTC Push: 2023-02-08 21:51:19 +0000 UTC |

Live-Hack-CVE/CVE-2022-43763 Insufficient check of preconditions could lead to Denial of Service conditions when calling commands on the Tbase server of B&R APROL versions < R 4.2-07. CVE project by @Sn0wAlice Create: 2023-02-08 21:51:12 +0000 UTC Push: 2023-02-08 21:51:15 +0000 UTC |

Live-Hack-CVE/CVE-2022-43762 Lack of verification in B&R APROL Tbase server versions < R 4.2-07 may lead to memory leaks when receiving messages CVE project by @Sn0wAlice Create: 2023-02-08 21:51:08 +0000 UTC Push: 2023-02-08 21:51:11 +0000 UTC |

pierpaolosestito-dev/Log4Shell-CVE-2021-44228-PoC Create: 2023-02-08 20:19:32 +0000 UTC Push: 2023-02-08 20:20:31 +0000 UTC |

Live-Hack-CVE/CVE-2021-3958 Improper Handling of Parameters vulnerability in Ipack Automation Systems Ipack SCADA Software allows : Blind SQL Injection.This issue affects Ipack SCADA Software: from unspecified before 1.1.0. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:29 +0000 UTC Push: 2023-02-08 19:37:32 +0000 UTC |

Live-Hack-CVE/CVE-2023-0744 Improper Access Control in GitHub repository answerdev/answer prior to 1.0.4. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:25 +0000 UTC Push: 2023-02-08 19:37:28 +0000 UTC |

Live-Hack-CVE/CVE-2023-0743 Cross-site Scripting (XSS) - Generic in GitHub repository answerdev/answer prior to 1.0.4. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:20 +0000 UTC Push: 2023-02-08 19:37:24 +0000 UTC |

Live-Hack-CVE/CVE-2023-0742 Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:17 +0000 UTC Push: 2023-02-08 19:37:19 +0000 UTC |

Live-Hack-CVE/CVE-2023-0741 Cross-site Scripting (XSS) - DOM in GitHub repository answerdev/answer prior to 1.0.4. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:13 +0000 UTC Push: 2023-02-08 19:37:16 +0000 UTC |

Live-Hack-CVE/CVE-2023-0740 Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:08 +0000 UTC Push: 2023-02-08 19:37:12 +0000 UTC |

Live-Hack-CVE/CVE-2022-43761 Missing authentication when creating and managing the B&R APROL database in versions < R 4.2-07 allows reading and changing the system configuration. CVE project by @Sn0wAlice Create: 2023-02-08 19:37:04 +0000 UTC Push: 2023-02-08 19:37:06 +0000 UTC |

Live-Hack-CVE/CVE-2022-2094 The Yellow Yard Searchbar WordPress plugin before 2.8.2 does not escape some URL parameters before outputting them back to the user, leading to Reflected Cross-Site Scripting CVE project by @Sn0wAlice Create: 2023-02-08 19:37:00 +0000 UTC Push: 2023-02-08 19:37:02 +0000 UTC |

Live-Hack-CVE/CVE-2023-0726 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_edit_folder function. This makes it possible for unauthenticated attackers to invoke this function via forged request granted th CVE project by @Sn0wAlice Create: 2023-02-08 15:13:33 +0000 UTC Push: 2023-02-08 15:13:35 +0000 UTC |

Live-Hack-CVE/CVE-2023-0725 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_clone_folder function. This makes it possible for unauthenticated attackers to invoke this function via forged request granted t CVE project by @Sn0wAlice Create: 2023-02-08 15:13:30 +0000 UTC Push: 2023-02-08 15:13:32 +0000 UTC |

Live-Hack-CVE/CVE-2023-0724 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_add_folder function. This makes it possible for unauthenticated attackers to invoke this function via forged request granted the CVE project by @Sn0wAlice Create: 2023-02-08 15:13:26 +0000 UTC Push: 2023-02-08 15:13:28 +0000 UTC |

Live-Hack-CVE/CVE-2023-0722 The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_save_state function. This makes it possible for unauthenticated attackers to invoke this function via forged request granted the CVE project by @Sn0wAlice Create: 2023-02-08 15:13:22 +0000 UTC Push: 2023-02-08 15:13:25 +0000 UTC |

Live-Hack-CVE/CVE-2023-0720 The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_save_folder_order function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke this function and p CVE project by @Sn0wAlice Create: 2023-02-08 15:13:19 +0000 UTC Push: 2023-02-08 15:13:21 +0000 UTC |

Live-Hack-CVE/CVE-2023-0717 The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajax_delete_folder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke this function and perfo CVE project by @Sn0wAlice Create: 2023-02-08 15:13:15 +0000 UTC Push: 2023-02-08 15:13:17 +0000 UTC |