Live-Hack-CVE/CVE-2022-4860 A vulnerability was found in KBase Metrics. It has been classified as critical. This affects the function upload_user_data of the file source/daily_cron_jobs/methods_upload_user_stats.py. The manipulation leads to sql injection. The name of the patch is 959dfb6b05991e30b0fa972a1ecdcaae8e1dae6d. It is recommended to app CVE project by @Sn0wAlice Create: 2023-01-07 03:20:04 +0000 UTC Push: 2023-01-07 03:20:07 +0000 UTC |

Live-Hack-CVE/CVE-2022-4861 Incorrect implementation in authentication protocol in M-Files Client before 22.5.11356.0 allows high privileged user to get other users tokens to another resource. CVE project by @Sn0wAlice Create: 2023-01-07 03:20:00 +0000 UTC Push: 2023-01-07 03:20:03 +0000 UTC |

viardant/CVE-2022-0739 Exploit for WP BookingPress (< 1.0.11) based on destr4ct POC. Create: 2023-01-07 03:07:11 +0000 UTC Push: 2023-01-07 03:07:12 +0000 UTC |

Live-Hack-CVE/CVE-2020-7118 CVE was unused by HPE. CVE project by @Sn0wAlice Create: 2023-01-07 02:15:05 +0000 UTC Push: 2023-01-07 02:15:09 +0000 UTC |

Live-Hack-CVE/CVE-2020-7112 CVE was unused by HPE. CVE project by @Sn0wAlice Create: 2023-01-07 02:15:01 +0000 UTC Push: 2023-01-07 02:15:04 +0000 UTC |

Live-Hack-CVE/CVE-2020-24645 CVE was unused by HPE. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:57 +0000 UTC Push: 2023-01-07 02:15:00 +0000 UTC |

Live-Hack-CVE/CVE-2020-24644 CVE was unused by HPE. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:52 +0000 UTC Push: 2023-01-07 02:14:56 +0000 UTC |

Live-Hack-CVE/CVE-2020-24643 CVE was unused by HPE. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:48 +0000 UTC Push: 2023-01-07 02:14:51 +0000 UTC |

Live-Hack-CVE/CVE-2020-24642 CVE was unused by HPE. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:43 +0000 UTC Push: 2023-01-07 02:14:47 +0000 UTC |

Live-Hack-CVE/CVE-2019-5325 CVE was unused by HPE. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:40 +0000 UTC Push: 2023-01-07 02:14:42 +0000 UTC |

Live-Hack-CVE/CVE-2019-5316 CVE was unused by HPE. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:35 +0000 UTC Push: 2023-01-07 02:14:39 +0000 UTC |

Live-Hack-CVE/CVE-2019-5313 CVE was unused by HPE. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:31 +0000 UTC Push: 2023-01-07 02:14:34 +0000 UTC |

Live-Hack-CVE/CVE-2016-15005 CSRF tokens are generated using math/rand, which is not a cryptographically secure rander number generation, making predicting their values relatively trivial and allowing an attacker to bypass CSRF protections which relatively few requests. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:27 +0000 UTC Push: 2023-01-07 02:14:30 +0000 UTC |

Live-Hack-CVE/CVE-2017-20146 Usage of the CORS handler may apply improper CORS headers, allowing the requester to explicitly control the value of the Access-Control-Allow-Origin header, which bypasses the expected behavior of the Same Origin Policy. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:22 +0000 UTC Push: 2023-01-07 02:14:25 +0000 UTC |

Live-Hack-CVE/CVE-2018-25046 Due to improper path santization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:17 +0000 UTC Push: 2023-01-07 02:14:21 +0000 UTC |

Live-Hack-CVE/CVE-2019-25091 A vulnerability classified as problematic has been found in nsupdate.info. This affects an unknown part of the file src/nsupdate/settings/base.py of the component CSRF Cookie Handler. The manipulation of the argument CSRF_COOKIE_HTTPONLY leads to cookie without 'httponly' flag. It is possible to initiate the attack rem CVE project by @Sn0wAlice Create: 2023-01-07 02:14:13 +0000 UTC Push: 2023-01-07 02:14:16 +0000 UTC |

Live-Hack-CVE/CVE-2021-4296 A vulnerability, which was classified as problematic, has been found in w3c Unicorn. This issue affects the function ValidatorNuMessage of the file src/org/w3c/unicorn/response/impl/ValidatorNuMessage.java. The manipulation of the argument message leads to cross site scripting. The attack may be initiated remotely. The CVE project by @Sn0wAlice Create: 2023-01-07 02:14:08 +0000 UTC Push: 2023-01-07 02:14:11 +0000 UTC |

Live-Hack-CVE/CVE-2019-25072 Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a significant amount of system resources, which may be used as a denial of service vector. CVE project by @Sn0wAlice Create: 2023-01-07 02:14:05 +0000 UTC Push: 2023-01-07 02:14:07 +0000 UTC |

Live-Hack-CVE/CVE-2021-4295 A vulnerability classified as problematic was found in ONC code-validator-api up to 1.0.30. This vulnerability affects the function vocabularyValidationConfigurations of the file src/main/java/org/sitenv/vocabularies/configuration/CodeValidatorApiConfiguration.java of the component XML Handler. The manipulation leads t CVE project by @Sn0wAlice Create: 2023-01-07 02:14:00 +0000 UTC Push: 2023-01-07 02:14:03 +0000 UTC |

Live-Hack-CVE/CVE-2018-25050 A vulnerability, which was classified as problematic, has been found in Harvest Chosen up to 1.8.6. Affected by this issue is the function AbstractChosen of the file coffee/lib/abstract-chosen.coffee. The manipulation of the argument group_label leads to cross site scripting. The attack may be launched remotely. Upgrad CVE project by @Sn0wAlice Create: 2023-01-07 02:13:56 +0000 UTC Push: 2023-01-07 02:13:59 +0000 UTC |