Live-Hack-CVE/CVE-2020-24645 CVE was unused by HPE. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:57 +0000 UTC Push: 2023-01-07 02:15:00 +0000 UTC |

Live-Hack-CVE/CVE-2020-24644 CVE was unused by HPE. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:52 +0000 UTC Push: 2023-01-07 02:14:56 +0000 UTC |

Live-Hack-CVE/CVE-2020-24643 CVE was unused by HPE. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:48 +0000 UTC Push: 2023-01-07 02:14:51 +0000 UTC |

Live-Hack-CVE/CVE-2020-24642 CVE was unused by HPE. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:43 +0000 UTC Push: 2023-01-07 02:14:47 +0000 UTC |

Live-Hack-CVE/CVE-2019-5325 CVE was unused by HPE. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:40 +0000 UTC Push: 2023-01-07 02:14:42 +0000 UTC |

Live-Hack-CVE/CVE-2019-5316 CVE was unused by HPE. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:35 +0000 UTC Push: 2023-01-07 02:14:39 +0000 UTC |

Live-Hack-CVE/CVE-2019-5313 CVE was unused by HPE. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:31 +0000 UTC Push: 2023-01-07 02:14:34 +0000 UTC |

Live-Hack-CVE/CVE-2016-15005 CSRF tokens are generated using math/rand, which is not a cryptographically secure rander number generation, making predicting their values relatively trivial and allowing an attacker to bypass CSRF protections which relatively few requests. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:27 +0000 UTC Push: 2023-01-07 02:14:30 +0000 UTC |

Live-Hack-CVE/CVE-2017-20146 Usage of the CORS handler may apply improper CORS headers, allowing the requester to explicitly control the value of the Access-Control-Allow-Origin header, which bypasses the expected behavior of the Same Origin Policy. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:22 +0000 UTC Push: 2023-01-07 02:14:25 +0000 UTC |

Live-Hack-CVE/CVE-2018-25046 Due to improper path santization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:17 +0000 UTC Push: 2023-01-07 02:14:21 +0000 UTC |

Live-Hack-CVE/CVE-2019-25091 A vulnerability classified as problematic has been found in nsupdate.info. This affects an unknown part of the file src/nsupdate/settings/base.py of the component CSRF Cookie Handler. The manipulation of the argument CSRF_COOKIE_HTTPONLY leads to cookie without 'httponly' flag. It is possible to initiate the attack rem CVE project by @Sn0wAlice Create: 2023-01-07 02:14:13 +0000 UTC Push: 2023-01-07 02:14:16 +0000 UTC |

Live-Hack-CVE/CVE-2021-4296 A vulnerability, which was classified as problematic, has been found in w3c Unicorn. This issue affects the function ValidatorNuMessage of the file src/org/w3c/unicorn/response/impl/ValidatorNuMessage.java. The manipulation of the argument message leads to cross site scripting. The attack may be initiated remotely. The CVE project by @Sn0wAlice Create: 2023-01-07 02:14:08 +0000 UTC Push: 2023-01-07 02:14:11 +0000 UTC |

Live-Hack-CVE/CVE-2019-25072 Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a significant amount of system resources, which may be used as a denial of service vector. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:05 +0000 UTC Push: 2023-01-07 02:14:07 +0000 UTC |

Live-Hack-CVE/CVE-2021-4295 A vulnerability classified as problematic was found in ONC code-validator-api up to 1.0.30. This vulnerability affects the function vocabularyValidationConfigurations of the file src/main/java/org/sitenv/vocabularies/configuration/CodeValidatorApiConfiguration.java of the component XML Handler. The manipulation leads t CVE project by @Sn0wAlice Create: 2023-01-07 02:14:00 +0000 UTC Push: 2023-01-07 02:14:03 +0000 UTC |

Live-Hack-CVE/CVE-2018-25050 A vulnerability, which was classified as problematic, has been found in Harvest Chosen up to 1.8.6. Affected by this issue is the function AbstractChosen of the file coffee/lib/abstract-chosen.coffee. The manipulation of the argument group_label leads to cross site scripting. The attack may be launched remotely. Upgrad CVE project by @Sn0wAlice Create: 2023-01-07 02:13:56 +0000 UTC Push: 2023-01-07 02:13:59 +0000 UTC |

Live-Hack-CVE/CVE-2019-25073 Improper path santiziation in github.com/goadesign/goa before v3.0.9, v2.0.10, or v1.4.3 allow remote attackers to read files outside of the intended directory. CVE project by @Sn0wAlice Create: 2023-01-07 02:13:51 +0000 UTC Push: 2023-01-07 02:13:54 +0000 UTC |

Live-Hack-CVE/CVE-2020-36559 Due to improper santization of user input, HTTPEngine.Handle allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read. CVE project by @Sn0wAlice Create: 2023-01-07 02:13:47 +0000 UTC Push: 2023-01-07 02:13:50 +0000 UTC |

komomon/CVE-2022-44877-RCE CVE-2022-44877 Centos Web Panel 7 Unauthenticated Remote Code Execution Create: 2023-01-07 00:53:51 +0000 UTC Push: 2023-01-07 00:53:52 +0000 UTC |

Live-Hack-CVE/CVE-2019-25099 A vulnerability classified as critical was found in Arthmoor QSF-Portal. This vulnerability affects unknown code of the file index.php. The manipulation of the argument a leads to path traversal. The name of the patch is ea4f61e23ecb83247d174bc2e2cbab521c751a7d. It is recommended to apply a patch to fix this issue. VDB CVE project by @Sn0wAlice Create: 2023-01-07 00:03:08 +0000 UTC Push: 2023-01-07 00:03:11 +0000 UTC |

Live-Hack-CVE/CVE-2015-10018 A vulnerability has been found in DBRisinajumi d2files and classified as critical. Affected by this vulnerability is the function actionUpload/actionDownloadFile of the file controllers/D2filesController.php. The manipulation leads to sql injection. Upgrading to version 1.0.0 is able to address this issue. The name of CVE project by @Sn0wAlice Create: 2023-01-07 00:03:03 +0000 UTC Push: 2023-01-07 00:03:07 +0000 UTC |