Live-Hack-CVE/CVE-2019-25094 A vulnerability, which was classified as problematic, was found in innologi appointments Extension up to 2.0.5. This affects an unknown part of the component Appointment Handler. The manipulation of the argument formfield leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to versio CVE project by @Sn0wAlice Create: 2023-01-04 20:17:32 +0000 UTC Push: 2023-01-04 20:17:34 +0000 UTC |

Live-Hack-CVE/CVE-2016-15008 A vulnerability was found in oxguy3 coebot-www and classified as problematic. This issue affects the function displayChannelCommands/displayChannelQuotes/displayChannelAutoreplies/showChannelHighlights/showChannelBoir of the file js/channel.js. The manipulation leads to cross site scripting. The attack may be initiated CVE project by @Sn0wAlice Create: 2023-01-04 20:17:27 +0000 UTC Push: 2023-01-04 20:17:30 +0000 UTC |

Live-Hack-CVE/CVE-2014-125039 A vulnerability, which was classified as problematic, has been found in kkokko NeoXplora. Affected by this issue is some unknown functionality of the component Trainer Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is dce1aecd6ee050a29f953ffd8f02f21c7 CVE project by @Sn0wAlice Create: 2023-01-04 20:17:22 +0000 UTC Push: 2023-01-04 20:17:25 +0000 UTC |

Live-Hack-CVE/CVE-2010-10003 A vulnerability classified as critical was found in gesellix titlelink. Affected by this vulnerability is an unknown functionality of the file plugin_content_title.php. The manipulation of the argument phrase leads to sql injection. The name of the patch is b4604e523853965fa981a4e79aef4b554a535db0. It is recommended to CVE project by @Sn0wAlice Create: 2023-01-04 20:17:17 +0000 UTC Push: 2023-01-04 20:17:20 +0000 UTC |

ajith737/Dirty-Pipe-CVE-2022-0847-POCs Create: 2023-01-04 20:17:12 +0000 UTC Push: 2023-01-04 20:17:14 +0000 UTC |

Live-Hack-CVE/CVE-2022-46081 In Garmin Connect 4.61, terminating a LiveTrack session wouldn't prevent the LiveTrack API from continued exposure of private personal information. CVE project by @Sn0wAlice Create: 2023-01-04 14:48:40 +0000 UTC Push: 2023-01-04 14:48:43 +0000 UTC |

stephenbradshaw/CVE-2022-46164-poc Basic POC exploit for CVE-2022-46164 Create: 2023-01-04 12:17:30 +0000 UTC Push: 2023-01-04 12:17:31 +0000 UTC |

Live-Hack-CVE/CVE-2022-42710 Nice (formerly Nortek) Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e devices are vulnerable to Stored Cross-Site Scripting (XSS). CVE project by @Sn0wAlice Create: 2023-01-04 10:17:02 +0000 UTC Push: 2023-01-04 10:17:04 +0000 UTC |

Live-Hack-CVE/CVE-2022-44036 ** DISPUTED ** In b2evolution 7.2.5, if configured with admins_can_manipulate_sensitive_files, arbitrary file upload is allowed for admins, leading to command execution. NOTE: the vendor's position is that this is "very obviously a feature not an issue and if you don't like that feature it is very obvious how to disabl CVE project by @Sn0wAlice Create: 2023-01-04 10:16:58 +0000 UTC Push: 2023-01-04 10:17:01 +0000 UTC |

Live-Hack-CVE/CVE-2022-42435 IBM Business Automation Workflow 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, and 22.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force CVE project by @Sn0wAlice Create: 2023-01-04 10:16:53 +0000 UTC Push: 2023-01-04 10:16:56 +0000 UTC |

fastmo/CVE-2022-28672 CVE-2022-28672 Vulnerabilidad Foxit PDF Reader - UaF - RCE - JIT Spraying Create: 2023-01-04 09:39:04 +0000 UTC Push: 2023-01-04 09:39:04 +0000 UTC |

Live-Hack-CVE/CVE-2022-32653 In mtk-aie, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262518; Issue ID: ALPS07262518. CVE project by @Sn0wAlice Create: 2023-01-04 08:08:38 +0000 UTC Push: 2023-01-04 08:08:41 +0000 UTC |

Live-Hack-CVE/CVE-2022-32652 In mtk-aie, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262617; Issue ID: ALPS07262617. CVE project by @Sn0wAlice Create: 2023-01-04 08:08:34 +0000 UTC Push: 2023-01-04 08:08:36 +0000 UTC |

Live-Hack-CVE/CVE-2022-32651 In mtk-aie, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07225857; Issue ID: ALPS07225857. CVE project by @Sn0wAlice Create: 2023-01-04 08:08:30 +0000 UTC Push: 2023-01-04 08:08:31 +0000 UTC |

Live-Hack-CVE/CVE-2022-32650 In mtk-isp, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07225853; Issue ID: ALPS07225853. CVE project by @Sn0wAlice Create: 2023-01-04 08:08:26 +0000 UTC Push: 2023-01-04 08:08:29 +0000 UTC |

Live-Hack-CVE/CVE-2022-32649 In jpeg, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07225840; Issue ID: ALPS07225840. CVE project by @Sn0wAlice Create: 2023-01-04 08:08:21 +0000 UTC Push: 2023-01-04 08:08:24 +0000 UTC |

Live-Hack-CVE/CVE-2022-32648 In disp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535964; Issue ID: ALPS06535964. CVE project by @Sn0wAlice Create: 2023-01-04 08:08:17 +0000 UTC Push: 2023-01-04 08:08:20 +0000 UTC |

Live-Hack-CVE/CVE-2022-32647 In ccu, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07554646; Issue ID: ALPS07554646. CVE project by @Sn0wAlice Create: 2023-01-04 08:08:13 +0000 UTC Push: 2023-01-04 08:08:16 +0000 UTC |

Live-Hack-CVE/CVE-2022-32646 In gpu drm, there is a possible stack overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363501; Issue ID: ALPS07363501. CVE project by @Sn0wAlice Create: 2023-01-04 08:08:09 +0000 UTC Push: 2023-01-04 08:08:12 +0000 UTC |

Live-Hack-CVE/CVE-2022-32645 In vow, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494477; Issue ID: ALPS07494477. CVE project by @Sn0wAlice Create: 2023-01-04 08:08:05 +0000 UTC Push: 2023-01-04 08:08:08 +0000 UTC |