unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
Live-Hack-CVE/CVE-2023-21871
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can CVE project by @Sn0wAlice
Create: 2023-01-25 06:04:41 +0000 UTC Push: 2023-01-25 06:04:44 +0000 UTC |
Live-Hack-CVE/CVE-2023-21879
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulner CVE project by @Sn0wAlice
Create: 2023-01-25 06:04:36 +0000 UTC Push: 2023-01-25 06:04:39 +0000 UTC |
Live-Hack-CVE/CVE-2023-21878
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulner CVE project by @Sn0wAlice
Create: 2023-01-25 06:04:33 +0000 UTC Push: 2023-01-25 06:04:35 +0000 UTC |
Live-Hack-CVE/CVE-2023-21876
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulner CVE project by @Sn0wAlice
Create: 2023-01-25 06:04:29 +0000 UTC Push: 2023-01-25 06:04:31 +0000 UTC |
Live-Hack-CVE/CVE-2023-21877
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can CVE project by @Sn0wAlice
Create: 2023-01-25 06:04:25 +0000 UTC Push: 2023-01-25 06:04:28 +0000 UTC |
Live-Hack-CVE/CVE-2023-21875
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.31 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o CVE project by @Sn0wAlice
Create: 2023-01-25 06:04:22 +0000 UTC Push: 2023-01-25 06:04:24 +0000 UTC |
manas3c/CVE-2023-22960
Create: 2023-01-25 04:23:09 +0000 UTC Push: 2023-01-25 04:23:19 +0000 UTC |
Live-Hack-CVE/CVE-2020-15434
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_php_pecl.php. When parsing the canal parameter, the process does not properly validate CVE project by @Sn0wAlice
Create: 2023-01-25 03:51:05 +0000 UTC Push: 2023-01-25 03:51:07 +0000 UTC |
Live-Hack-CVE/CVE-2019-14726
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to access and delete DNS records of a victim's account via an attacker account. CVE project by @Sn0wAlice
Create: 2023-01-25 03:51:01 +0000 UTC Push: 2023-01-25 03:51:03 +0000 UTC |
Live-Hack-CVE/CVE-2018-18774
CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 allows XSS via the admin/index.php module parameter. CVE project by @Sn0wAlice
Create: 2023-01-25 03:50:58 +0000 UTC Push: 2023-01-25 03:51:00 +0000 UTC |
Live-Hack-CVE/CVE-2020-15616
This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_list_accounts.php. When parsing the package parameter, the process does not pro CVE project by @Sn0wAlice
Create: 2023-01-25 03:50:54 +0000 UTC Push: 2023-01-25 03:50:56 +0000 UTC |
Live-Hack-CVE/CVE-2019-14729
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a sub-domain from a victim's account via an attacker account. CVE project by @Sn0wAlice
Create: 2023-01-25 03:50:50 +0000 UTC Push: 2023-01-25 03:50:53 +0000 UTC |
Live-Hack-CVE/CVE-2020-15435
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_dashboard.php. When parsing the service_start parameter, the process does not properly CVE project by @Sn0wAlice
Create: 2023-01-25 03:50:47 +0000 UTC Push: 2023-01-25 03:50:49 +0000 UTC |
Live-Hack-CVE/CVE-2020-15624
This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_new_account.php. When parsing the domain parameter, the process does not proper CVE project by @Sn0wAlice
Create: 2023-01-25 03:50:43 +0000 UTC Push: 2023-01-25 03:50:45 +0000 UTC |
Live-Hack-CVE/CVE-2020-15620
This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_list_accounts.php. When parsing the id parameter, the process does not properly CVE project by @Sn0wAlice
Create: 2023-01-25 03:50:40 +0000 UTC Push: 2023-01-25 03:50:42 +0000 UTC |
Live-Hack-CVE/CVE-2019-13359
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, a cwpsrv-xxx cookie allows a normal user to craft and upload a session file to the /tmp directory, and use it to become the root user. CVE project by @Sn0wAlice
Create: 2023-01-25 03:50:35 +0000 UTC Push: 2023-01-25 03:50:38 +0000 UTC |
Live-Hack-CVE/CVE-2020-15422
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_mod_security.php. When parsing the archivo parameter, the process does not properly val CVE project by @Sn0wAlice
Create: 2023-01-25 03:50:32 +0000 UTC Push: 2023-01-25 03:50:34 +0000 UTC |
Live-Hack-CVE/CVE-2020-15429
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_crons.php. When parsing the user parameter, the process does not properly validate a us CVE project by @Sn0wAlice
Create: 2023-01-25 03:50:28 +0000 UTC Push: 2023-01-25 03:50:30 +0000 UTC |
Live-Hack-CVE/CVE-2020-15612
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_ftp_manager.php. When parsing the userLogin parameter, the process does not properly va CVE project by @Sn0wAlice
Create: 2023-01-25 03:50:24 +0000 UTC Push: 2023-01-25 03:50:27 +0000 UTC |
Live-Hack-CVE/CVE-2019-15235
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.864 allows an attacker to get a victim's session file name from /home/[USERNAME]/tmp/session/sess_xxxxxx, and the victim's token value from /usr/local/cwpsrv/logs/access_log, then use them to gain access to the victim's password (for the OS and phpMyAdmin) via an att CVE project by @Sn0wAlice
Create: 2023-01-25 03:50:21 +0000 UTC Push: 2023-01-25 03:50:23 +0000 UTC |
Previous
491
492
493
494
495
496
497
498
Next