Live-Hack-CVE/CVE-2021-46873 WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key becomes permanently useless. CVE project by @Sn0wAlice Create: 2023-01-30 10:16:03 +0000 UTC Push: 2023-01-30 10:16:05 +0000 UTC |

Live-Hack-CVE/CVE-2023-24065 NOSH 4a5cfdb allows stored XSS via the create user page. For example, a first name (of a physician, assistant, or billing user) can have a JavaScript payload that is executed upon visiting the /users/2/1 page. This may allow attackers to steal Protected Health Information because the product is for health charting. CVE project by @Sn0wAlice Create: 2023-01-30 08:04:38 +0000 UTC Push: 2023-01-30 08:04:41 +0000 UTC |

Live-Hack-CVE/CVE-2023-0566 Static Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10. CVE project by @Sn0wAlice Create: 2023-01-30 08:04:35 +0000 UTC Push: 2023-01-30 08:04:37 +0000 UTC |

Live-Hack-CVE/CVE-2023-0565 Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.10. CVE project by @Sn0wAlice Create: 2023-01-30 08:04:32 +0000 UTC Push: 2023-01-30 08:04:34 +0000 UTC |

Live-Hack-CVE/CVE-2016-15022 A vulnerability was found in mosbth cimage up to 0.7.18. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file check_system.php. The manipulation of the argument $_SERVER['SERVER_SOFTWARE'] leads to cross site scripting. The attack can be launched remotely. Upgradin CVE project by @Sn0wAlice Create: 2023-01-30 05:52:53 +0000 UTC Push: 2023-01-30 05:52:55 +0000 UTC |

Live-Hack-CVE/CVE-2009-10003 A vulnerability was found in capnsquarepants wordcraft up to 0.6. It has been classified as problematic. Affected is an unknown function of the file tag.php. The manipulation of the argument tag leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 0.7 is able to address this CVE project by @Sn0wAlice Create: 2023-01-30 05:52:50 +0000 UTC Push: 2023-01-30 05:52:52 +0000 UTC |

Live-Hack-CVE/CVE-2023-0569 Weak Password Requirements in GitHub repository publify/publify prior to 9.2.10. CVE project by @Sn0wAlice Create: 2023-01-30 03:44:30 +0000 UTC Push: 2023-01-30 03:44:31 +0000 UTC |

Live-Hack-CVE/CVE-2021-23434 This affects the package object-path before 0.11.6. A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. In particular, the condition currentPath === '__proto__' returns false if currentPath is ['__proto__']. This is because the === operat CVE project by @Sn0wAlice Create: 2023-01-30 03:44:26 +0000 UTC Push: 2023-01-30 03:44:28 +0000 UTC |

Live-Hack-CVE/CVE-2021-3805 object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') CVE project by @Sn0wAlice Create: 2023-01-30 03:44:23 +0000 UTC Push: 2023-01-30 03:44:25 +0000 UTC |

Live-Hack-CVE/CVE-2023-0571 A vulnerability has been found in SourceCodester Canteen Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file createcustomer.php of the component Add Customer. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. T CVE project by @Sn0wAlice Create: 2023-01-30 03:44:20 +0000 UTC Push: 2023-01-30 03:44:22 +0000 UTC |

Live-Hack-CVE/CVE-2023-0570 A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. This affects an unknown part of the file user\operations\payment_operation.php. The manipulation of the argument booking_id leads to sql injection. It is possible to initiate the attack remotely. CVE project by @Sn0wAlice Create: 2023-01-30 03:44:16 +0000 UTC Push: 2023-01-30 03:44:18 +0000 UTC |

MataKucing-OFC/CVE-2018-17254 Joomla JCK Editor 6.4.4 - 'parent' SQL Injection Create: 2023-01-30 01:07:10 +0000 UTC Push: 2023-01-30 01:07:10 +0000 UTC |

Live-Hack-CVE/CVE-2020-4051 In Dijit before versions 1.11.11, and greater than or equal to 1.12.0 and less than 1.12.9, and greater than or equal to 1.13.0 and less than 1.13.8, and greater than or equal to 1.14.0 and less than 1.14.7, and greater than or equal to 1.15.0 and less than 1.15.4, and greater than or equal to 1.16.0 and less than 1.16 CVE project by @Sn0wAlice Create: 2023-01-29 23:20:27 +0000 UTC Push: 2023-01-29 23:20:29 +0000 UTC |

Live-Hack-CVE/CVE-2021-23450 All versions of package dojo are vulnerable to Prototype Pollution via the setObject function. CVE project by @Sn0wAlice Create: 2023-01-29 23:20:24 +0000 UTC Push: 2023-01-29 23:20:26 +0000 UTC |

Cyb3rtus/keepass_CVE-2023-24055_yara_rule Contains a simple yara rule to hunt for possible compromised KeePass config files Create: 2023-01-29 22:13:44 +0000 UTC Push: 2023-01-29 22:13:44 +0000 UTC |

nikn0laty/PDFkit-CMD-Injection-CVE-2022-25765- Exploit for CVE-2022-25765 command injection in pdfkit < 0.8.6 Create: 2023-01-29 18:36:40 +0000 UTC Push: 2023-01-29 18:36:40 +0000 UTC |

nikn0laty/PDFkit-CMD-Injection-CVE-2022-25765 Exploit for CVE-2022-25765 command injection in pdfkit < 0.8.6 Create: 2023-01-29 18:36:40 +0000 UTC Push: 2023-01-29 18:37:22 +0000 UTC |

Live-Hack-CVE/CVE-2023-0564 Weak Password Requirements in GitHub repository froxlor/froxlor prior to 2.0.10. CVE project by @Sn0wAlice Create: 2023-01-29 14:37:11 +0000 UTC Push: 2023-01-29 14:37:13 +0000 UTC |

Live-Hack-CVE/CVE-2022-48285 loadAsync in JSZip before 3.8.0 allows Directory Traversal via a crafted ZIP archive. CVE project by @Sn0wAlice Create: 2023-01-29 14:37:06 +0000 UTC Push: 2023-01-29 14:37:08 +0000 UTC |

SeasonLeague/CVE-2017-5487 This is a vulnerability in the Linux kernel that was discovered and disclosed in 2017. Create: 2023-01-29 12:43:37 +0000 UTC Push: 2023-01-29 12:43:37 +0000 UTC |