Live-Hack-CVE/CVE-2017-11591 There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. CVE project by @Sn0wAlice Create: 2023-01-14 01:14:36 +0000 UTC Push: 2023-01-14 01:14:39 +0000 UTC |

Live-Hack-CVE/CVE-2017-14862 An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. CVE project by @Sn0wAlice Create: 2023-01-14 01:14:32 +0000 UTC Push: 2023-01-14 01:14:35 +0000 UTC |

Live-Hack-CVE/CVE-2018-20097 There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack. CVE project by @Sn0wAlice Create: 2023-01-14 01:14:28 +0000 UTC Push: 2023-01-14 01:14:31 +0000 UTC |

Live-Hack-CVE/CVE-2022-47860 Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeProduct.php. CVE project by @Sn0wAlice Create: 2023-01-14 00:08:13 +0000 UTC Push: 2023-01-14 00:08:16 +0000 UTC |

Live-Hack-CVE/CVE-2022-47859 Lead Management System v1.0 is vulnerable to SQL Injection via the user_id parameter in changePassword.php. CVE project by @Sn0wAlice Create: 2023-01-14 00:08:08 +0000 UTC Push: 2023-01-14 00:08:11 +0000 UTC |

Live-Hack-CVE/CVE-2022-47864 Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeCategories.php. CVE project by @Sn0wAlice Create: 2023-01-14 00:08:03 +0000 UTC Push: 2023-01-14 00:08:06 +0000 UTC |

Live-Hack-CVE/CVE-2022-47862 Lead Management System v1.0 is vulnerable to SQL Injection via the customer_id parameter in ajax_represent.php. CVE project by @Sn0wAlice Create: 2023-01-14 00:07:57 +0000 UTC Push: 2023-01-14 00:08:02 +0000 UTC |

Live-Hack-CVE/CVE-2022-47861 Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeLead.php. CVE project by @Sn0wAlice Create: 2023-01-14 00:07:52 +0000 UTC Push: 2023-01-14 00:07:56 +0000 UTC |

Live-Hack-CVE/CVE-2020-36626 A vulnerability classified as critical has been found in Modern Tribe Panel Builder Plugin. Affected is the function add_post_content_filtered_to_search_sql of the file ModularContent/SearchFilter.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed CVE project by @Sn0wAlice Create: 2023-01-14 00:07:44 +0000 UTC Push: 2023-01-14 00:07:48 +0000 UTC |

Live-Hack-CVE/CVE-2022-47083 Spitfire CMS 1.0.475 is vulnerable to PHP Object Injection. CVE project by @Sn0wAlice Create: 2023-01-14 00:07:40 +0000 UTC Push: 2023-01-14 00:07:43 +0000 UTC |

WellingtonEspindula/SSI-CVE-2022-21661 Information System's Security 2nd Assignment Create: 2023-01-13 21:31:34 +0000 UTC Push: 2023-01-20 22:05:21 +0000 UTC |

offalltn/CVE-2022-45299 CVE 2022-45299 Create: 2023-01-13 19:47:02 +0000 UTC Push: 2023-01-13 19:58:59 +0000 UTC |

Live-Hack-CVE/CVE-2022-4710 The Royal Elementor Addons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.3.59, due to due to insufficient input sanitization and output escaping of the 'wpr_ajax_search_link_target' parameter in the 'data_fetch' function. This makes it possible for unauthentica CVE project by @Sn0wAlice Create: 2023-01-13 19:41:46 +0000 UTC Push: 2023-01-13 19:41:48 +0000 UTC |

Live-Hack-CVE/CVE-2022-4709 The Royal Elementor Addons plugin for WordPress is vulnerable to insufficient access control in the 'wpr_import_library_template' AJAX action in versions up to, and including, 1.3.59. This allows any authenticated user, including those with subscriber-level permissions, to import and activate templates from the plugin' CVE project by @Sn0wAlice Create: 2023-01-13 19:41:42 +0000 UTC Push: 2023-01-13 19:41:44 +0000 UTC |

Live-Hack-CVE/CVE-2022-4708 The Royal Elementor Addons plugin for WordPress is vulnerable to insufficient access control in the 'wpr_save_template_conditions' AJAX action in versions up to, and including, 1.3.59. This allows any authenticated user, including those with subscriber-level permissions, to modify the conditions under which templates a CVE project by @Sn0wAlice Create: 2023-01-13 19:41:37 +0000 UTC Push: 2023-01-13 19:41:40 +0000 UTC |

Live-Hack-CVE/CVE-2022-4707 The Royal Elementor Addons plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.59. This is due to missing nonce validation in the 'wpr_create_mega_menu_template' AJAX function. This allows unauthenticated attackers to create Mega Menu templates, granted they can trick CVE project by @Sn0wAlice Create: 2023-01-13 19:41:33 +0000 UTC Push: 2023-01-13 19:41:36 +0000 UTC |

Live-Hack-CVE/CVE-2022-4704 The Royal Elementor Addons plugin for WordPress is vulnerable to insufficient access control in the 'wpr_import_templates_kit' AJAX action in versions up to, and including, 1.3.59. This allows any authenticated user, including those with subscriber-level permissions, to import preset site configuration templates includ CVE project by @Sn0wAlice Create: 2023-01-13 19:41:28 +0000 UTC Push: 2023-01-13 19:41:31 +0000 UTC |

Live-Hack-CVE/CVE-2022-4705 The Royal Elementor Addons plugin for WordPress is vulnerable to insufficient access control in the 'wpr_final_settings_setup' AJAX action in versions up to, and including, 1.3.59. This allows any authenticated user, including those with subscriber-level permissions, to finalize activation of preset site configuration CVE project by @Sn0wAlice Create: 2023-01-13 19:41:24 +0000 UTC Push: 2023-01-13 19:41:27 +0000 UTC |

Live-Hack-CVE/CVE-2022-3693 The File Management System developed by FileOrbis before version 10.6.3 has an unauthenticated local file inclusion and path traversal vulnerability. This has been fixed in the version 10.6.3 CVE project by @Sn0wAlice Create: 2023-01-13 19:41:20 +0000 UTC Push: 2023-01-13 19:41:22 +0000 UTC |

Live-Hack-CVE/CVE-2023-0283 A vulnerability classified as critical has been found in SourceCodester Online Flight Booking Management System. This affects an unknown part of the file review_search.php of the component POST Parameter Handler. The manipulation of the argument txtsearch leads to sql injection. It is possible to initiate the attack re CVE project by @Sn0wAlice Create: 2023-01-13 19:40:59 +0000 UTC Push: 2023-01-13 19:41:02 +0000 UTC |