Live-Hack-CVE/CVE-2022-44715 Improper File Permissions in NetScout nGeniusONE 6.3.2 build 904 allows authenticated remote users to gain permissions via a crafted payload. CVE project by @Sn0wAlice Create: 2023-01-28 00:08:58 +0000 UTC Push: 2023-01-28 00:09:01 +0000 UTC |

Live-Hack-CVE/CVE-2022-44298 SiteServer CMS 7.1.3 is vulnerable to SQL Injection. CVE project by @Sn0wAlice Create: 2023-01-28 00:08:54 +0000 UTC Push: 2023-01-28 00:08:57 +0000 UTC |

Live-Hack-CVE/CVE-2022-44029 An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 6 of 6. CVE project by @Sn0wAlice Create: 2023-01-28 00:08:51 +0000 UTC Push: 2023-01-28 00:08:53 +0000 UTC |

Live-Hack-CVE/CVE-2022-44028 An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 5 of 6. CVE project by @Sn0wAlice Create: 2023-01-28 00:08:46 +0000 UTC Push: 2023-01-28 00:08:49 +0000 UTC |

Live-Hack-CVE/CVE-2022-44027 An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 4 of 6. CVE project by @Sn0wAlice Create: 2023-01-28 00:08:42 +0000 UTC Push: 2023-01-28 00:08:45 +0000 UTC |

Live-Hack-CVE/CVE-2022-44026 An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 3 of 6. CVE project by @Sn0wAlice Create: 2023-01-28 00:08:39 +0000 UTC Push: 2023-01-28 00:08:41 +0000 UTC |

Live-Hack-CVE/CVE-2022-44025 An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 2 of 6. CVE project by @Sn0wAlice Create: 2023-01-28 00:08:35 +0000 UTC Push: 2023-01-28 00:08:37 +0000 UTC |

Live-Hack-CVE/CVE-2022-44024 An issue was discovered in NetScout nGeniusONE 6.3.2 before P10. It allows Reflected Cross-Site Scripting (XSS), issue 1 of 6. CVE project by @Sn0wAlice Create: 2023-01-28 00:08:31 +0000 UTC Push: 2023-01-28 00:08:33 +0000 UTC |

Live-Hack-CVE/CVE-2023-23492 The Login with Phone Number WordPress Plugin, version < 1.4.2, is affected by an authenticated SQL injection vulnerability in the 'ID' parameter of its 'lwp_forgot_password' action. CVE project by @Sn0wAlice Create: 2023-01-28 00:08:25 +0000 UTC Push: 2023-01-28 00:08:28 +0000 UTC |

ysanatomic/CVE-2022-32250-LPE Create: 2023-01-27 22:44:39 +0000 UTC Push: 2023-01-28 01:51:27 +0000 UTC |

Live-Hack-CVE/CVE-2023-0534 A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. This affects an unknown part of the file admin/expense_report.php. The manipulation of the argument to_date leads to sql injection. It is possible to initiate the attack remotely. The exploit has CVE project by @Sn0wAlice Create: 2023-01-27 21:57:01 +0000 UTC Push: 2023-01-27 21:57:04 +0000 UTC |

Live-Hack-CVE/CVE-2023-0533 A vulnerability, which was classified as critical, has been found in SourceCodester Online Tours & Travels Management System 1.0. Affected by this issue is some unknown functionality of the file admin/expense_report.php. The manipulation of the argument from_date leads to sql injection. The attack may be launched remot CVE project by @Sn0wAlice Create: 2023-01-27 21:56:58 +0000 UTC Push: 2023-01-27 21:57:00 +0000 UTC |

Live-Hack-CVE/CVE-2023-0532 A vulnerability classified as critical was found in SourceCodester Online Tours & Travels Management System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/disapprove_user.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit CVE project by @Sn0wAlice Create: 2023-01-27 21:56:54 +0000 UTC Push: 2023-01-27 21:56:56 +0000 UTC |

Live-Hack-CVE/CVE-2023-0531 A vulnerability classified as critical has been found in SourceCodester Online Tours & Travels Management System 1.0. Affected is an unknown function of the file admin/booking_report.php. The manipulation of the argument to_date leads to sql injection. It is possible to launch the attack remotely. The exploit has been CVE project by @Sn0wAlice Create: 2023-01-27 21:56:50 +0000 UTC Push: 2023-01-27 21:56:52 +0000 UTC |

Live-Hack-CVE/CVE-2023-0530 A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin/approve_user.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been d CVE project by @Sn0wAlice Create: 2023-01-27 21:56:46 +0000 UTC Push: 2023-01-27 21:56:49 +0000 UTC |

Live-Hack-CVE/CVE-2023-0529 A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/add_payment.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been di CVE project by @Sn0wAlice Create: 2023-01-27 21:56:43 +0000 UTC Push: 2023-01-27 21:56:45 +0000 UTC |

Live-Hack-CVE/CVE-2023-0528 A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been classified as critical. This affects an unknown part of the file admin/abc.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed CVE project by @Sn0wAlice Create: 2023-01-27 21:56:39 +0000 UTC Push: 2023-01-27 21:56:41 +0000 UTC |

Live-Hack-CVE/CVE-2023-0527 A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file search-request.php. The manipulation of the argument searchdata with the input "><script>alert(document.domain)</script> leads to cross site sc CVE project by @Sn0wAlice Create: 2023-01-27 21:56:36 +0000 UTC Push: 2023-01-27 21:56:38 +0000 UTC |

Live-Hack-CVE/CVE-2022-48120 SQL Injection vulnerability in kishan0725 Hospital Management System thru commit 4770d740f2512693ef8fd9aa10a8d17f79fad9bd (on March 13, 2021), allows attackers to execute arbitrary commands via the contact and doctor parameters to /search.php. CVE project by @Sn0wAlice Create: 2023-01-27 21:56:32 +0000 UTC Push: 2023-01-27 21:56:34 +0000 UTC |

Live-Hack-CVE/CVE-2022-48152 SQL Injection vulnerability in RemoteClinic 2.0 allows attackers to execute arbitrary commands and gain sensitive information via the id parameter to /medicines/profile.php. CVE project by @Sn0wAlice Create: 2023-01-27 21:56:28 +0000 UTC Push: 2023-01-27 21:56:31 +0000 UTC |