Live-Hack-CVE/CVE-2020-36636 A vulnerability classified as problematic has been found in OpenMRS Admin UI Module up to 1.4.x. Affected is the function sendErrorMessage of the file omod/src/main/java/org/openmrs/module/adminui/page/controller/systemadmin/accounts/AccountPageController.java of the component Account Setup Handler. The manipulation le CVE project by @Sn0wAlice Create: 2023-01-06 14:13:42 +0000 UTC Push: 2023-01-06 14:13:45 +0000 UTC |

Live-Hack-CVE/CVE-2021-4291 A vulnerability was found in OpenMRS Admin UI Module up to 1.5.x. It has been declared as problematic. This vulnerability affects unknown code of the file omod/src/main/webapp/pages/metadata/locations/location.gsp. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to versio CVE project by @Sn0wAlice Create: 2023-01-06 14:13:38 +0000 UTC Push: 2023-01-06 14:13:41 +0000 UTC |

Live-Hack-CVE/CVE-2015-5521 Cross-site scripting (XSS) vulnerability in BlackCat CMS 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the name in a new group to backend/groups/index.php. CVE project by @Sn0wAlice Create: 2023-01-06 14:13:34 +0000 UTC Push: 2023-01-06 14:13:37 +0000 UTC |

Live-Hack-CVE/CVE-2022-25923 Versions of the package exec-local-bin before 1.2.0 are vulnerable to Command Injection via the theProcess() functionality due to improper user-input sanitization. CVE project by @Sn0wAlice Create: 2023-01-06 14:13:29 +0000 UTC Push: 2023-01-06 14:13:32 +0000 UTC |

Live-Hack-CVE/CVE-2022-42979 Information disclosure due to an insecure hostname validation in the RYDE application 5.8.43 for Android and iOS allows attackers to take over an account via a deep link. CVE project by @Sn0wAlice Create: 2023-01-06 14:13:25 +0000 UTC Push: 2023-01-06 14:13:28 +0000 UTC |

Live-Hack-CVE/CVE-2022-44870 A reflected cross-site scripting (XSS) vulnerability in maccms10 v2022.1000.3032 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the AD Management module. CVE project by @Sn0wAlice Create: 2023-01-06 14:13:21 +0000 UTC Push: 2023-01-06 14:13:24 +0000 UTC |

Live-Hack-CVE/CVE-2022-40049 SQL injection vulnerability in sourcecodester Theme Park Ticketing System 1.0 allows remote attackers to view sensitive information via the id parameter to the /tpts/manage_user.php page. CVE project by @Sn0wAlice Create: 2023-01-06 14:13:16 +0000 UTC Push: 2023-01-06 14:13:19 +0000 UTC |

111ddea/Xstream_cve-2022-41966 Create: 2023-01-06 10:37:07 +0000 UTC Push: 2023-01-06 10:37:08 +0000 UTC |

Live-Hack-CVE/CVE-2022-44877 RESERVED An issue in the /login/index.php component of Centos Web Panel 7 before v0.9.8.1147 allows unauthenticated attackers to execute arbitrary system commands via crafted HTTP requests. CVE project by @Sn0wAlice Create: 2023-01-06 09:46:29 +0000 UTC Push: 2023-01-06 09:46:32 +0000 UTC |

Live-Hack-CVE/CVE-2021-32828 The Nuxeo Platform is an open source content management platform for building business applications. In version 11.5.109, the `oauth2` REST API is vulnerable to Reflected Cross-Site Scripting (XSS). This XSS can be escalated to Remote Code Execution (RCE) by levering the automation API. CVE project by @Sn0wAlice Create: 2023-01-06 09:46:25 +0000 UTC Push: 2023-01-06 09:46:27 +0000 UTC |

Live-Hack-CVE/CVE-2022-4801 Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-06 09:46:21 +0000 UTC Push: 2023-01-06 09:46:23 +0000 UTC |

Live-Hack-CVE/CVE-2022-4800 Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-06 09:46:16 +0000 UTC Push: 2023-01-06 09:46:19 +0000 UTC |

Live-Hack-CVE/CVE-2022-4812 Comparison of Object References Instead of Object Contents in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-06 09:46:11 +0000 UTC Push: 2023-01-06 09:46:15 +0000 UTC |

Live-Hack-CVE/CVE-2022-4811 Improper Authorization in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-06 09:46:07 +0000 UTC Push: 2023-01-06 09:46:10 +0000 UTC |

Live-Hack-CVE/CVE-2022-4810 Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-06 09:46:02 +0000 UTC Push: 2023-01-06 09:46:05 +0000 UTC |

Live-Hack-CVE/CVE-2022-4809 Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-06 09:45:58 +0000 UTC Push: 2023-01-06 09:46:01 +0000 UTC |

Live-Hack-CVE/CVE-2022-4808 Improper Privilege Management in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-06 09:45:54 +0000 UTC Push: 2023-01-06 09:45:57 +0000 UTC |

Live-Hack-CVE/CVE-2022-4807 Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-06 09:45:49 +0000 UTC Push: 2023-01-06 09:45:52 +0000 UTC |

Live-Hack-CVE/CVE-2022-4806 Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-06 09:45:44 +0000 UTC Push: 2023-01-06 09:45:48 +0000 UTC |

Live-Hack-CVE/CVE-2022-4805 Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.1. CVE project by @Sn0wAlice Create: 2023-01-06 09:45:40 +0000 UTC Push: 2023-01-06 09:45:43 +0000 UTC |