Live-Hack-CVE/CVE-2014-125032 A vulnerability was found in porpeeranut go-with-me. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file module/frontend/add.php. The manipulation leads to sql injection. The name of the patch is b92451e4f9e85e26cf493c95ea0a69e354c35df9. It is recommended to apply a CVE project by @Sn0wAlice Create: 2023-01-02 20:08:36 +0000 UTC Push: 2023-01-02 20:08:38 +0000 UTC |

Live-Hack-CVE/CVE-2014-125031 A vulnerability was found in kirill2485 TekNet. It has been classified as problematic. Affected is an unknown function of the file pages/loggedin.php. The manipulation of the argument statusentery leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 1c575340539f983333aa4 CVE project by @Sn0wAlice Create: 2023-01-02 20:08:31 +0000 UTC Push: 2023-01-02 20:08:34 +0000 UTC |

Live-Hack-CVE/CVE-2022-42475 A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands CVE project by @Sn0wAlice Create: 2023-01-02 20:08:28 +0000 UTC Push: 2023-01-02 20:08:30 +0000 UTC |

ryan412/CVE-2022-48197 Create: 2023-01-02 18:27:04 +0000 UTC Push: 2023-01-02 18:27:04 +0000 UTC |

SystemVll/CVE-2022-46169 Cacti Unauthenticated Command Injection Create: 2023-01-02 18:03:26 +0000 UTC Push: 2025-06-12 23:47:50 +0000 UTC |

Live-Hack-CVE/CVE-2021-21366 xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module. xmldom versions 0.4.0 and older do not correctly preserve system identifiers, FPIs or namespaces when repeatedly parsing and serializing maliciously crafted documents. This may lead to unexpected syntactic changes CVE project by @Sn0wAlice Create: 2023-01-02 05:58:49 +0000 UTC Push: 2023-01-02 05:58:52 +0000 UTC |

Live-Hack-CVE/CVE-2021-4297 A vulnerability has been found in trampgeek jobe up to 1.6.4 and classified as problematic. This vulnerability affects the function runs_post of the file application/controllers/Restapi.php. The manipulation of the argument sourcefilename leads to an unknown weakness. Upgrading to version 1.6.5 is able to address this CVE project by @Sn0wAlice Create: 2023-01-02 05:58:44 +0000 UTC Push: 2023-01-02 05:58:47 +0000 UTC |

Live-Hack-CVE/CVE-2015-10006 A vulnerability, which was classified as problematic, has been found in admont28 Ingnovarq. Affected by this issue is some unknown functionality of the file app/controller/insertarSliderAjax.php. The manipulation of the argument imagetitle leads to cross site scripting. The attack may be launched remotely. The name of CVE project by @Sn0wAlice Create: 2023-01-02 03:48:41 +0000 UTC Push: 2023-01-02 03:48:44 +0000 UTC |

Live-Hack-CVE/CVE-2013-10006 A vulnerability classified as problematic was found in Ziftr primecoin up to 0.8.4rc1. Affected by this vulnerability is the function HTTPAuthorized of the file src/bitcoinrpc.cpp. The manipulation of the argument strUserPass/strRPCUserColonPass leads to observable timing discrepancy. Upgrading to version 0.8.4rc2 is a CVE project by @Sn0wAlice Create: 2023-01-02 03:48:37 +0000 UTC Push: 2023-01-02 03:48:40 +0000 UTC |

Live-Hack-CVE/CVE-2010-10002 ** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic has been found in SimpleSAMLphp simplesamlphp-module-openid. Affected is an unknown function of the file templates/consumer.php of the component OpenID Handler. The manipulation of the argument AuthState leads to c CVE project by @Sn0wAlice Create: 2023-01-02 03:48:33 +0000 UTC Push: 2023-01-02 03:48:35 +0000 UTC |

Live-Hack-CVE/CVE-2023-22551 The FTP (aka "Implementation of a simple FTP client and server") project through 96c1a35 allows remote attackers to cause a denial of service (memory consumption) by engaging in client activity, such as establishing and then terminating a connection. This occurs because malloc is used but free is not. CVE project by @Sn0wAlice Create: 2023-01-02 03:48:29 +0000 UTC Push: 2023-01-02 03:48:32 +0000 UTC |

philippedixon/CVE-2018-15473 Create: 2023-01-02 03:31:24 +0000 UTC Push: 2023-01-02 03:31:24 +0000 UTC |

Live-Hack-CVE/CVE-2023-0029 A vulnerability was found in Multilaser RE708 RE1200R4GC-2T2R-V3_v3411b_MUL029B. It has been rated as problematic. This issue affects some unknown processing of the component Telnet Service. The manipulation leads to denial of service. The attack may be initiated remotely. The identifier VDB-217169 was assigned to this CVE project by @Sn0wAlice Create: 2023-01-01 23:28:20 +0000 UTC Push: 2023-01-01 23:28:22 +0000 UTC |

houseofxyz/CVE-2020-17382 Create: 2023-01-01 21:49:07 +0000 UTC Push: 2023-01-01 21:49:08 +0000 UTC |

Live-Hack-CVE/CVE-2022-47952 lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer to a network namespace path" often indicates that a file exists. NO CVE project by @Sn0wAlice Create: 2023-01-01 20:13:26 +0000 UTC Push: 2023-01-01 20:13:29 +0000 UTC |

Live-Hack-CVE/CVE-2021-41823 The Web Application Firewall (WAF) in Kemp LoadMaster 7.2.54.1 allows certain uses of onmouseover to bypass an XSS protection mechanism. CVE project by @Sn0wAlice Create: 2023-01-01 20:13:22 +0000 UTC Push: 2023-01-01 20:13:25 +0000 UTC |

Live-Hack-CVE/CVE-2022-48198 The ntpd_driver component before 1.3.0 and 2.x before 2.2.0 for Robot Operating System (ROS) allows attackers, who control the source code of a different node in the same ROS application, to change a robot's behavior. This occurs because a topic name depends on the attacker-controlled time_ref_topic parameter. CVE project by @Sn0wAlice Create: 2023-01-01 20:13:12 +0000 UTC Push: 2023-01-01 20:13:15 +0000 UTC |

Live-Hack-CVE/CVE-2022-47634 M-Link Archive Server in Isode M-Link R16.2v1 through R17.0 before R17.0v24 allows non-administrative users to access and manipulate archive data via certain HTTP endpoints, aka LINK-2867. CVE project by @Sn0wAlice Create: 2023-01-01 20:13:08 +0000 UTC Push: 2023-01-01 20:13:10 +0000 UTC |

Live-Hack-CVE/CVE-2022-45213 perfSONAR before 4.4.6 inadvertently supports the parse option for a file:// URL. CVE project by @Sn0wAlice Create: 2023-01-01 20:13:04 +0000 UTC Push: 2023-01-01 20:13:06 +0000 UTC |

Live-Hack-CVE/CVE-2022-45027 perfSONAR before 4.4.6, when performing participant discovery, incorrectly uses an HTTP request header value to determine a local address. CVE project by @Sn0wAlice Create: 2023-01-01 20:13:00 +0000 UTC Push: 2023-01-01 20:13:02 +0000 UTC |