unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Search
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2023-0295
The Launchpad plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of its settings parameters in versions up to, and including, 1.0.13 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, CVE project by @Sn0wAlice
Create: 2023-01-14 05:37:51 +0000 UTC Push: 2023-01-14 05:37:53 +0000 UTC |
Live-Hack-CVE/CVE-2023-0294
The Mediamatic – Media Library Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.8.1. This is due to missing or incorrect nonce validation on its AJAX actions function. This makes it possible for unauthenticated attackers to change image categories used by the CVE project by @Sn0wAlice
Create: 2023-01-14 05:37:47 +0000 UTC Push: 2023-01-14 05:37:48 +0000 UTC |
Live-Hack-CVE/CVE-2023-0293
The Mediamatic – Media Library Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.8.1. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to change image categories, wh CVE project by @Sn0wAlice
Create: 2023-01-14 05:37:42 +0000 UTC Push: 2023-01-14 05:37:45 +0000 UTC |
Live-Hack-CVE/CVE-2022-46956
Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/manage_user.php. CVE project by @Sn0wAlice
Create: 2023-01-14 05:37:38 +0000 UTC Push: 2023-01-14 05:37:41 +0000 UTC |
Live-Hack-CVE/CVE-2022-46955
Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=save_queue. CVE project by @Sn0wAlice
Create: 2023-01-14 05:37:34 +0000 UTC Push: 2023-01-14 05:37:37 +0000 UTC |
Live-Hack-CVE/CVE-2022-46954
Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=delete_transaction. CVE project by @Sn0wAlice
Create: 2023-01-14 05:37:30 +0000 UTC Push: 2023-01-14 05:37:33 +0000 UTC |
Live-Hack-CVE/CVE-2022-46953
Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=save_window. CVE project by @Sn0wAlice
Create: 2023-01-14 05:37:26 +0000 UTC Push: 2023-01-14 05:37:28 +0000 UTC |
Live-Hack-CVE/CVE-2022-46952
Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=delete_user. CVE project by @Sn0wAlice
Create: 2023-01-14 05:37:22 +0000 UTC Push: 2023-01-14 05:37:24 +0000 UTC |
Live-Hack-CVE/CVE-2022-46951
Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=delete_uploads. CVE project by @Sn0wAlice
Create: 2023-01-14 05:37:19 +0000 UTC Push: 2023-01-14 05:37:21 +0000 UTC |
Live-Hack-CVE/CVE-2022-46950
Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=delete_window. CVE project by @Sn0wAlice
Create: 2023-01-14 05:37:14 +0000 UTC Push: 2023-01-14 05:37:17 +0000 UTC |
Live-Hack-CVE/CVE-2022-46949
Helmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_helmet. CVE project by @Sn0wAlice
Create: 2023-01-14 05:37:10 +0000 UTC Push: 2023-01-14 05:37:13 +0000 UTC |
Live-Hack-CVE/CVE-2022-46947
Helmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_category. CVE project by @Sn0wAlice
Create: 2023-01-14 05:37:05 +0000 UTC Push: 2023-01-14 05:37:08 +0000 UTC |
Live-Hack-CVE/CVE-2022-46946
Helmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_brand. CVE project by @Sn0wAlice
Create: 2023-01-14 05:37:01 +0000 UTC Push: 2023-01-14 05:37:04 +0000 UTC |
Live-Hack-CVE/CVE-2015-10041
** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in Dovgalyuk AIBattle. Affected is the function sendComments of the file site/procedures.php. The manipulation of the argument text leads to sql injection. The name of the patch is e3aa4d0900167641d41cb CVE project by @Sn0wAlice
Create: 2023-01-14 05:36:57 +0000 UTC Push: 2023-01-14 05:36:59 +0000 UTC |
Live-Hack-CVE/CVE-2015-10040
A vulnerability was found in gitlearn. It has been declared as problematic. This vulnerability affects the function getGrade/getOutOf of the file scripts/config.sh of the component Escape Sequence Handler. The manipulation leads to injection. The attack can be initiated remotely. The name of the patch is 3faa5deaa50901 CVE project by @Sn0wAlice
Create: 2023-01-14 05:36:53 +0000 UTC Push: 2023-01-14 05:36:55 +0000 UTC |
Live-Hack-CVE/CVE-2022-38491
An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03. Part of the application does not implement protection against brute-force attacks. CVE project by @Sn0wAlice
Create: 2023-01-14 05:36:48 +0000 UTC Push: 2023-01-14 05:36:51 +0000 UTC |
Live-Hack-CVE/CVE-2022-38492
An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03 before 2022.1.110.1.02. One parameter allows SQL injection. CVE project by @Sn0wAlice
Create: 2023-01-14 05:36:42 +0000 UTC Push: 2023-01-14 05:36:45 +0000 UTC |
Live-Hack-CVE/CVE-2022-38489
An issue was discovered in EasyVista 2020.2.125.3 before 2022.1.110.1.02. It is prone to stored Cross-site Scripting (XSS). CVE project by @Sn0wAlice
Create: 2023-01-14 05:36:38 +0000 UTC Push: 2023-01-14 05:36:41 +0000 UTC |
halsey51013/UpdateWindowsRE-CVE-2022-41099
Script to update Windows Recovery Environment to patch against CVE-2022-41099
Create: 2023-01-14 05:27:03 +0000 UTC Push: 2023-01-14 05:27:04 +0000 UTC |
Live-Hack-CVE/CVE-2021-4312
** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic has been found in Th3-822 Rapidleech. This affects the function zip_go of the file classes/options/zip.php. The manipulation of the argument archive leads to cross site scripting. It is possible to initiate the att CVE project by @Sn0wAlice
Create: 2023-01-14 03:26:20 +0000 UTC Push: 2023-01-14 03:26:23 +0000 UTC |
Previous
716
717
718
719
720
721
722
723
Next