Live-Hack-CVE/CVE-2021-35261 File Upload Vulnerability in Yupoxion BearAdmin before commit 10176153528b0a914eb4d726e200fd506b73b075 allows attacker to execute arbitrary remote code via the Upfile function of the extend/tools/Ueditor endpoint. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:39 +0000 UTC Push: 2023-02-18 04:02:41 +0000 UTC |

Live-Hack-CVE/CVE-2021-33949 An issue in FeMiner WMS v1.1 allows attackers to execute arbitrary code via the filename parameter and the exec function. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:35 +0000 UTC Push: 2023-02-18 04:02:37 +0000 UTC |

Live-Hack-CVE/CVE-2021-34182 An issue in ttyd v.1.6.3 allows attacker to execute arbitrary code via default configuration permissions. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:31 +0000 UTC Push: 2023-02-18 04:02:34 +0000 UTC |

Live-Hack-CVE/CVE-2021-33948 SQL injection vulnerability in FantasticLBP Hotels Server v1.0 allows attacker to execute arbitrary code via the username parameter. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:28 +0000 UTC Push: 2023-02-18 04:02:30 +0000 UTC |

Live-Hack-CVE/CVE-2021-34164 Permissions vulnerability in LIZHIFAKA v.2.2.0 allows authenticated attacker to execute arbitrary commands via the set password function in the admin/index/email location. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:24 +0000 UTC Push: 2023-02-18 04:02:27 +0000 UTC |

Live-Hack-CVE/CVE-2021-33237 Cross Site Scripting vulnerability in YMFE yapo v1.9.1 allows attacker to execute arbitrary code via the remark parameter of the interface edit page. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:21 +0000 UTC Push: 2023-02-18 04:02:23 +0000 UTC |

Live-Hack-CVE/CVE-2021-33226 Buffer Overflow vulnerability in Saltstack v.3003 and before allows attacker to execute arbitrary code via the func variable in salt/salt/modules/status.py file. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:17 +0000 UTC Push: 2023-02-18 04:02:20 +0000 UTC |

Live-Hack-CVE/CVE-2021-33983 Buffer Overflow vulnerability in Dvidelabs flatcc v.0.6.0 allows local attacker to execute arbitrary code via the fltacc execution of the error_ref_sym function. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:14 +0000 UTC Push: 2023-02-18 04:02:16 +0000 UTC |

Live-Hack-CVE/CVE-2021-33926 An issue in Plone CMS v. 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1rc2, 5.1rc1, 5.1b4, 5.1b3, 5.1b2, 5.1a2, 5.1a1, 5.1.7, 5.1.6, 5.1.5, 5.1.4, 5.1.2, 5.1.1 5.1, 5.0rc3, 5.0rc2, 5.0rc1, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.10, 5.0.1, 5.0, 4.3.9, 4.3.8, 4.3.7, 4.3.6, 4.3.5, 4.3.4, 4.3.3, 4.3.20, 4 allo CVE project by @Sn0wAlice Create: 2023-02-18 04:02:09 +0000 UTC Push: 2023-02-18 04:02:11 +0000 UTC |

Live-Hack-CVE/CVE-2021-33391 An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option of the CleanNode() function in gdoc.c. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:04 +0000 UTC Push: 2023-02-18 04:02:07 +0000 UTC |

Live-Hack-CVE/CVE-2021-32142 Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:01 +0000 UTC Push: 2023-02-18 04:02:03 +0000 UTC |

Live-Hack-CVE/CVE-2021-32441 SQL Injection vulnerability in Exponent-CMS v.2.6.0 fixed in 2.7.0 allows attackers to gain access to sensitive information via the selectValue function in the expConfig class. CVE project by @Sn0wAlice Create: 2023-02-18 04:01:58 +0000 UTC Push: 2023-02-18 04:02:00 +0000 UTC |

Live-Hack-CVE/CVE-2021-32419 An issue in Schism Tracker v20200412 fixed in v.20200412 allows attacker to obtain sensitive information via the fmt_mtm_load_song function in fmt/mtm.c. CVE project by @Sn0wAlice Create: 2023-02-18 04:01:53 +0000 UTC Push: 2023-02-18 04:01:55 +0000 UTC |

Live-Hack-CVE/CVE-2021-32163 Authentication vulnerability in MOSN v.0.23.0 allows attacker to escalate privileges via case-sensitive JWT authorization. CVE project by @Sn0wAlice Create: 2023-02-18 04:01:49 +0000 UTC Push: 2023-02-18 04:01:51 +0000 UTC |

Live-Hack-CVE/CVE-2020-19824 An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the ao_c parameter. CVE project by @Sn0wAlice Create: 2023-02-18 04:01:45 +0000 UTC Push: 2023-02-18 04:01:47 +0000 UTC |

Live-Hack-CVE/CVE-2022-45766 Hardcoded credentials in Global Facilities Management Software (GFMS) Version 3 software distributed by Key Systems Management permits remote attackers to impact availability, confidentiality, accessibility and dependability of electronic key boxes. CVE project by @Sn0wAlice Create: 2023-02-18 04:01:41 +0000 UTC Push: 2023-02-18 04:01:44 +0000 UTC |

Live-Hack-CVE/CVE-2023-0777 Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4. CVE project by @Sn0wAlice Create: 2023-02-18 04:01:37 +0000 UTC Push: 2023-02-18 04:01:39 +0000 UTC |

and0x00/CVE-2021-32789 ? Wordpress WooCommerce users dump exploit Create: 2023-02-18 03:51:24 +0000 UTC Push: 2023-02-18 03:51:25 +0000 UTC |

Live-Hack-CVE/CVE-2023-24388 Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin <= 3.2.3 versions affects plugin forms actions (create, duplicate, edit, delete). CVE project by @Sn0wAlice Create: 2023-02-18 01:48:14 +0000 UTC Push: 2023-02-18 01:48:17 +0000 UTC |

Live-Hack-CVE/CVE-2023-24329 An issue in the urllib.parse component of Python before v3.11 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. CVE project by @Sn0wAlice Create: 2023-02-18 01:48:11 +0000 UTC Push: 2023-02-18 01:48:12 +0000 UTC |