Live-Hack-CVE/CVE-2014-125049 ** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in typcn Blogile. Affected is the function getNav of the file server.js. The manipulation of the argument query leads to sql injection. The name of the patch is cfec31043b562ffefe29fe01af6d3c5ed1 CVE project by @Sn0wAlice Create: 2023-01-07 00:02:59 +0000 UTC Push: 2023-01-07 00:03:02 +0000 UTC |

Live-Hack-CVE/CVE-2014-125048 A vulnerability, which was classified as critical, has been found in kassi xingwall. This issue affects some unknown processing of the file app/controllers/oauth.js. The manipulation leads to session fixiation. The name of the patch is e9f0d509e1408743048e29d9c099d36e0e1f6ae7. It is recommended to apply a patch to fix CVE project by @Sn0wAlice Create: 2023-01-07 00:02:54 +0000 UTC Push: 2023-01-07 00:02:57 +0000 UTC |

Live-Hack-CVE/CVE-2018-25057 A vulnerability was found in simple_php_link_shortener. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument $link["id"] leads to sql injection. The name of the patch is b26ac6480761635ed94ccb0222ba6b732de6e53f. It is recommended to apply a patch to CVE project by @Sn0wAlice Create: 2023-01-07 00:02:47 +0000 UTC Push: 2023-01-07 00:02:51 +0000 UTC |

Live-Hack-CVE/CVE-2022-3156 A remote code execution vulnerability exists in Rockwell Automation Studio 5000 Logix Emulate software. Users are granted elevated permissions on certain product services when the software is installed. Due to this misconfiguration, a malicious user could potentially achieve remote code execution on the targeted softwa CVE project by @Sn0wAlice Create: 2023-01-07 00:02:29 +0000 UTC Push: 2023-01-07 00:02:33 +0000 UTC |

Live-Hack-CVE/CVE-2020-36567 Unsanitized input in the default logger in github.com/gin-gonic/gin before v1.6.0 allows remote attackers to inject arbitrary log lines. CVE project by @Sn0wAlice Create: 2023-01-07 00:02:25 +0000 UTC Push: 2023-01-07 00:02:28 +0000 UTC |

Live-Hack-CVE/CVE-2013-10005 The RemoteAddr and LocalAddr methods on the returned net.Conn may call themselves, leading to an infinite loop which will crash the program due to a stack overflow. CVE project by @Sn0wAlice Create: 2023-01-07 00:02:20 +0000 UTC Push: 2023-01-07 00:02:24 +0000 UTC |

Live-Hack-CVE/CVE-2022-4879 A vulnerability was found in Forged Alliance Forever up to 3746. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Vote Handler. The manipulation leads to improper authorization. Upgrading to version 3747 is able to address this issue. The name of the patch is CVE project by @Sn0wAlice Create: 2023-01-06 21:51:57 +0000 UTC Push: 2023-01-06 21:52:01 +0000 UTC |

Live-Hack-CVE/CVE-2020-36642 A vulnerability was found in trampgeek jobe up to 1.6.x and classified as critical. This issue affects the function run_in_sandbox of the file application/libraries/LanguageTask.php. The manipulation leads to command injection. Upgrading to version 1.7.0 is able to address this issue. The name of the patch is 8f43daf50 CVE project by @Sn0wAlice Create: 2023-01-06 21:51:53 +0000 UTC Push: 2023-01-06 21:51:56 +0000 UTC |

Live-Hack-CVE/CVE-2018-25066 A vulnerability was found in PeterMu nodebatis up to 2.1.x. It has been classified as critical. Affected is an unknown function. The manipulation leads to sql injection. Upgrading to version 2.2.0 is able to address this issue. The name of the patch is 6629ff5b7e3d62ad8319007a54589ec1f62c7c35. It is recommended to upgr CVE project by @Sn0wAlice Create: 2023-01-06 21:51:48 +0000 UTC Push: 2023-01-06 21:51:51 +0000 UTC |

Live-Hack-CVE/CVE-2015-10017 A vulnerability has been found in HPI-Information-Systems ProLOD and classified as critical. This vulnerability affects unknown code. The manipulation of the argument this leads to sql injection. The name of the patch is 3f710905458d49c77530bd3cbcd8960457566b73. It is recommended to apply a patch to fix this issue. The CVE project by @Sn0wAlice Create: 2023-01-06 21:51:44 +0000 UTC Push: 2023-01-06 21:51:47 +0000 UTC |

Live-Hack-CVE/CVE-2014-125047 A vulnerability classified as critical has been found in tbezman school-store. This affects an unknown part. The manipulation leads to sql injection. The name of the patch is 2957fc97054216d3a393f1775efd01ae2b072001. It is recommended to apply a patch to fix this issue. The identifier VDB-217557 was assigned to this vu CVE project by @Sn0wAlice Create: 2023-01-06 21:51:40 +0000 UTC Push: 2023-01-06 21:51:43 +0000 UTC |

kriso4os/CVE-2018-25031 Create: 2023-01-06 19:58:15 +0000 UTC Push: 2023-01-06 19:58:16 +0000 UTC |

Live-Hack-CVE/CVE-2019-25090 A vulnerability was found in FreePBX arimanager up to 13.0.5.3 and classified as problematic. Affected by this issue is some unknown functionality of the component Views Handler. The manipulation of the argument dataurl leads to cross site scripting. The attack may be launched remotely. Upgrading to version 13.0.5.4 is CVE project by @Sn0wAlice Create: 2023-01-06 19:41:11 +0000 UTC Push: 2023-01-06 19:41:13 +0000 UTC |

Live-Hack-CVE/CVE-2020-36634 A vulnerability classified as problematic has been found in Indeed Engineering util up to 1.0.33. Affected is the function visit/appendTo of the file varexport/src/main/java/com/indeed/util/varexport/servlet/ViewExportedVariablesServlet.java. The manipulation leads to cross site scripting. It is possible to launch the CVE project by @Sn0wAlice Create: 2023-01-06 19:41:07 +0000 UTC Push: 2023-01-06 19:41:09 +0000 UTC |

Live-Hack-CVE/CVE-2020-36633 A vulnerability was found in moodle-block_sitenews 1.0. It has been classified as problematic. This affects the function get_content of the file block_sitenews.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 1.1 is able to address this issu CVE project by @Sn0wAlice Create: 2023-01-06 19:41:03 +0000 UTC Push: 2023-01-06 19:41:05 +0000 UTC |

Live-Hack-CVE/CVE-2021-4289 A vulnerability classified as problematic was found in OpenMRS openmrs-module-referenceapplication up to 2.11.x. Affected by this vulnerability is the function post of the file omod/src/main/java/org/openmrs/module/referenceapplication/page/controller/UserAppPageController.java of the component User App Page. The manip CVE project by @Sn0wAlice Create: 2023-01-06 19:40:59 +0000 UTC Push: 2023-01-06 19:41:02 +0000 UTC |

Live-Hack-CVE/CVE-2021-4288 A vulnerability was found in OpenMRS openmrs-module-referenceapplication up to 2.11.x. It has been rated as problematic. This issue affects some unknown processing of the file omod/src/main/webapp/pages/userApp.gsp. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to versi CVE project by @Sn0wAlice Create: 2023-01-06 19:40:55 +0000 UTC Push: 2023-01-06 19:40:57 +0000 UTC |

Live-Hack-CVE/CVE-2022-4766 A vulnerability was found in dolibarr_project_timesheet up to 4.5.5. It has been declared as problematic. This vulnerability affects unknown code of the component Form Handler. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. Upgrading to version 4.5.6.a is able to address thi CVE project by @Sn0wAlice Create: 2023-01-06 19:40:51 +0000 UTC Push: 2023-01-06 19:40:53 +0000 UTC |

Live-Hack-CVE/CVE-2023-22671 Ghidra/RuntimeScripts/Linux/support/launch.sh in NSA Ghidra through 10.2.2 passes user-provided input into eval, leading to command injection when calling analyzeHeadless with untrusted input. CVE project by @Sn0wAlice Create: 2023-01-06 19:40:46 +0000 UTC Push: 2023-01-06 19:40:49 +0000 UTC |

Live-Hack-CVE/CVE-2022-4878 A vulnerability classified as critical has been found in JATOS. Affected is the function ZipUtil of the file modules/common/app/utils/common/ZipUtil.java of the component ZIP Handler. The manipulation leads to path traversal. Upgrading to version 3.7.5-alpha is able to address this issue. The name of the patch is 2b425 CVE project by @Sn0wAlice Create: 2023-01-06 19:40:41 +0000 UTC Push: 2023-01-06 19:40:43 +0000 UTC |