Live-Hack-CVE/CVE-2021-35576 Vulnerability in the Oracle Database Enterprise Edition Unified Audit component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with network access via Oracle Net to compromise O CVE project by @Sn0wAlice Create: 2023-01-03 03:45:07 +0000 UTC Push: 2023-01-03 03:45:10 +0000 UTC |

Live-Hack-CVE/CVE-2014-125038 A vulnerability has been found in IS_Projecto2 and classified as critical. This vulnerability affects unknown code of the file Cnn-EJB/ejbModule/ejbs/NewsBean.java. The manipulation of the argument date leads to sql injection. The name of the patch is aa128b2c9c9fdcbbf5ecd82c1e92103573017fe0. It is recommended to apply CVE project by @Sn0wAlice Create: 2023-01-03 03:45:02 +0000 UTC Push: 2023-01-03 03:45:05 +0000 UTC |

Live-Hack-CVE/CVE-2014-125037 A vulnerability, which was classified as critical, was found in License to Kill. This affects an unknown part of the file models/injury.rb. The manipulation of the argument name leads to sql injection. The name of the patch is cd11cf174f361c98e9b1b4c281aa7b77f46b5078. It is recommended to apply a patch to fix this issu CVE project by @Sn0wAlice Create: 2023-01-03 03:44:58 +0000 UTC Push: 2023-01-03 03:45:01 +0000 UTC |

Inplex-sys/CVE-2022-46169 Cacti Unauthenticated Command Injection Create: 2023-01-03 02:03:26 +0000 UTC Push: 2023-01-03 02:03:26 +0000 UTC |

Live-Hack-CVE/CVE-2023-22451 Kiwi TCMS is an open source test management system. In version 11.6 and prior, when users register new accounts and/or change passwords, there is no validation in place which would prevent them from picking an easy to guess password. This issue is resolved by providing defaults for the `AUTH_PASSWORD_VALIDATORS` config CVE project by @Sn0wAlice Create: 2023-01-03 01:34:51 +0000 UTC Push: 2023-01-03 01:34:54 +0000 UTC |

Live-Hack-CVE/CVE-2022-48197 ** UNSUPPORTED WHEN ASSIGNED ** Reflected cross-site scripting (XSS) exists in the TreeView of YUI2 through 2800: up.php sam.php renderhidden.php removechildren.php removeall.php readd.php overflow.php newnode2.php newnode.php. NOTE: This vulnerability only affects products that are no longer supported by the maintaine CVE project by @Sn0wAlice Create: 2023-01-03 01:34:47 +0000 UTC Push: 2023-01-03 01:34:50 +0000 UTC |

Live-Hack-CVE/CVE-2017-20161 A vulnerability classified as problematic has been found in rofl0r MacGeiger. Affected is the function dump_wlan_at of the file macgeiger.c of the component ESSID Handler. The manipulation leads to injection. Access to the local network is required for this attack to succeed. The name of the patch is 57f1dd50a4821b8c8e CVE project by @Sn0wAlice Create: 2023-01-03 01:34:43 +0000 UTC Push: 2023-01-03 01:34:46 +0000 UTC |

Live-Hack-CVE/CVE-2015-10009 A vulnerability was found in nterchange up to 4.1.0. It has been rated as critical. This issue affects the function getContent of the file app/controllers/code_caller_controller.php. The manipulation of the argument q with the input %5C%27%29;phpinfo%28%29;/* leads to code injection. The exploit has been disclosed to t CVE project by @Sn0wAlice Create: 2023-01-03 01:34:39 +0000 UTC Push: 2023-01-03 01:34:41 +0000 UTC |

Live-Hack-CVE/CVE-2014-125035 A vulnerability classified as problematic was found in Jobs-Plugin. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. The name of the patch is b8a56718b1d42834c6ec51d9c489c5dc20471d7b. It is recommended to apply a patch to fi CVE project by @Sn0wAlice Create: 2023-01-03 01:34:35 +0000 UTC Push: 2023-01-03 01:34:37 +0000 UTC |

batuhan-dilek99/CVE-2019-5736 images for proof of concept Create: 2023-01-03 00:41:46 +0000 UTC Push: 2023-01-03 00:41:47 +0000 UTC |

Live-Hack-CVE/CVE-2019-25093 A vulnerability, which was classified as problematic, was found in dragonexpert Recent Threads on Index. Affected is the function recentthread_list_threads of the file inc/plugins/recentthreads/hooks.php of the component Setting Handler. The manipulation of the argument recentthread_forumskip leads to cross site script CVE project by @Sn0wAlice Create: 2023-01-02 21:14:07 +0000 UTC Push: 2023-01-02 21:14:11 +0000 UTC |

Live-Hack-CVE/CVE-2015-10008 ** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in 82Flex WEIPDCRM. It has been classified as critical. This affects an unknown part. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The name of the patch is 43bad79392332fa39e31b95268e76f CVE project by @Sn0wAlice Create: 2023-01-02 21:14:03 +0000 UTC Push: 2023-01-02 21:14:06 +0000 UTC |

Live-Hack-CVE/CVE-2015-10007 ** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in 82Flex WEIPDCRM and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is 43bad79392332fa3 CVE project by @Sn0wAlice Create: 2023-01-02 21:13:59 +0000 UTC Push: 2023-01-02 21:14:02 +0000 UTC |

Live-Hack-CVE/CVE-2014-125034 A vulnerability has been found in stiiv contact_app and classified as problematic. Affected by this vulnerability is the function render of the file libs/View.php. The manipulation of the argument var leads to cross site scripting. The attack can be launched remotely. The name of the patch is 67bec33f559da9d41a1b45eb9e CVE project by @Sn0wAlice Create: 2023-01-02 21:13:55 +0000 UTC Push: 2023-01-02 21:13:58 +0000 UTC |

Live-Hack-CVE/CVE-2021-4299 A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to version 0.12.8 is able to ad CVE project by @Sn0wAlice Create: 2023-01-02 20:08:51 +0000 UTC Push: 2023-01-02 20:08:53 +0000 UTC |

Live-Hack-CVE/CVE-2021-4298 A vulnerability classified as critical has been found in Hesburgh Libraries of Notre Dame Sipity. This affects the function SearchCriteriaForWorksParameter of the file app/parameters/sipity/parameters/search_criteria_for_works_parameter.rb. The manipulation leads to sql injection. Upgrading to version 2021.8 is able to CVE project by @Sn0wAlice Create: 2023-01-02 20:08:47 +0000 UTC Push: 2023-01-02 20:08:50 +0000 UTC |

Live-Hack-CVE/CVE-2016-15006 A vulnerability, which was classified as problematic, has been found in enigmaX up to 2.2. This issue affects the function getSeed of the file main.c of the component Scrambling Table Handler. The manipulation leads to predictable seed in pseudo-random number generator (prng). The attack may be initiated remotely. Upgr CVE project by @Sn0wAlice Create: 2023-01-02 20:08:43 +0000 UTC Push: 2023-01-02 20:08:45 +0000 UTC |

Live-Hack-CVE/CVE-2014-125033 A vulnerability was found in rails-cv-app. It has been rated as problematic. Affected by this issue is some unknown functionality of the file app/controllers/uploaded_files_controller.rb. The manipulation with the input ../../../etc/passwd leads to path traversal: '../filedir'. The exploit has been disclosed to the pub CVE project by @Sn0wAlice Create: 2023-01-02 20:08:39 +0000 UTC Push: 2023-01-02 20:08:42 +0000 UTC |

Live-Hack-CVE/CVE-2014-125032 A vulnerability was found in porpeeranut go-with-me. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file module/frontend/add.php. The manipulation leads to sql injection. The name of the patch is b92451e4f9e85e26cf493c95ea0a69e354c35df9. It is recommended to apply a CVE project by @Sn0wAlice Create: 2023-01-02 20:08:36 +0000 UTC Push: 2023-01-02 20:08:38 +0000 UTC |

Live-Hack-CVE/CVE-2014-125031 A vulnerability was found in kirill2485 TekNet. It has been classified as problematic. Affected is an unknown function of the file pages/loggedin.php. The manipulation of the argument statusentery leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 1c575340539f983333aa4 CVE project by @Sn0wAlice Create: 2023-01-02 20:08:31 +0000 UTC Push: 2023-01-02 20:08:34 +0000 UTC |