渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Cross-Site Request Forgery (CSRF) vulnerability in Alexey Trofimov's Access Code Feeder plugin <= 1.0.3 at WordPress. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-38059
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Cross-Site Request Forgery (CSRF) vulnerability in Alexey Trofimov's Access Code Feeder plugin <= 1.0.3 at WordPress. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-38059
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-38059: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Authenticated (subscriber+) Plugin Setting change vulnerability in WP Shamsi plugin <= 4.1.1 at WordPress. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-38058
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Authenticated (subscriber+) Plugin Setting change vulnerability in WP Shamsi plugin <= 4.1.1 at WordPress. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-38058
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-38058: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Authenticated (admin+) Reflected Cross-Site Scripting (XSS) vulnerability in Galerio & Urda's Better Delete Revision plugin <= 1.6.1 at WordPress. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-37412
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Authenticated (admin+) Reflected Cross-Site Scripting (XSS) vulnerability in Galerio & Urda's Better Delete Revision plugin <= 1.6.1 at WordPress. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-37412
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-37412: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in WPChill Gallery PhotoBlocks plugin <= 1.2.6 at WordPress. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-37407
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in WPChill Gallery PhotoBlocks plugin <= 1.2.6 at WordPress. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-37407
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-37407: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Cross-Site Request Forgery (CSRF) vulnerability in Mickey Kay's Better Font Awesome plugin <= 2.0.1 at WordPress. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-37405
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Cross-Site Request Forgery (CSRF) vulnerability in Mickey Kay's Better Font Awesome plugin <= 2.0.1 at WordPress. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-37405
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-37405: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:In Apache Airflow versions 2.2.4 through 2.3.3, the `database` webserver session backend was susceptible to session fixation. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-38054
#CVE_2022
创建者:Live-Hack-CVE
项目描述:In Apache Airflow versions 2.2.4 through 2.3.3, the `database` webserver session backend was susceptible to session fixation. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-38054
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-38054: In Apache Airflow versions 2.2.4 through 2.3.3, the `database` webserver session backend…
In Apache Airflow versions 2.2.4 through 2.3.3, the `database` webserver session backend was susceptible to session fixation. CVE project by @Sn0wAlice - GitHub - Live-Hack-CVE/CVE-2022-38054: In A...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which may expose the internal structure of database. Users should upgrade to version 0.13.1 which addresses this issue. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-38370
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which may expose the internal structure of database. Users should upgrade to version 0.13.1 which addresses this issue. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-38370
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-38370: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-29500
#CVE_2022
创建者:Live-Hack-CVE
项目描述:SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-29500
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-29500: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-29501
#CVE_2022
创建者:Live-Hack-CVE
项目描述:SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-29501
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-29501: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-29502
#CVE_2022
创建者:Live-Hack-CVE
项目描述:SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-29502
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-29502: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/addRouting. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36620
#CVE_2022
创建者:Live-Hack-CVE
项目描述:D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/addRouting. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36620
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-36620: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:CircuitVerse is an open-source platform which allows users to construct digital logic circuits online. A remote code execution (RCE) vulnerability in CircuitVerse allows authenticated attackers to execute arbitrary code via specially crafted JSON payloads. This issue may lead to Remote Code Execution (RCE). A patch is CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36038
#rce
创建者:Live-Hack-CVE
项目描述:CircuitVerse is an open-source platform which allows users to construct digital logic circuits online. A remote code execution (RCE) vulnerability in CircuitVerse allows authenticated attackers to execute arbitrary code via specially crafted JSON payloads. This issue may lead to Remote Code Execution (RCE). A patch is CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36038
#rce
GitHub
GitHub - Live-Hack-CVE/CVE-2022-36038: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:A stored cross-site scripting (XSS) vulnerability in /client.php of Garage Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36639
#CVE_2022
创建者:Live-Hack-CVE
项目描述:A stored cross-site scripting (XSS) vulnerability in /client.php of Garage Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36639
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-36639: A stored cross-site scripting (XSS) vulnerability in /client.php of Garage Management System…
A stored cross-site scripting (XSS) vulnerability in /client.php of Garage Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the n...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:An access control issue in the component print.php of Garage Management System v1.0 allows unauthenticated attackers to access data for all existing orders. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36638
#CVE_2022
创建者:Live-Hack-CVE
项目描述:An access control issue in the component print.php of Garage Management System v1.0 allows unauthenticated attackers to access data for all existing orders. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36638
#CVE_2022
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:Databasir is a database metadata management platform. Databasir <= 1.06 has Server-Side Request Forgery (SSRF) vulnerability. The SSRF is triggered by a sending a **single** HTTP POST request to create a databaseType. By supplying a `jdbcDriverFileUrl` that returns a non `200` response code, the url is executed, the re CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-31196
#CVE_2022
创建者:Live-Hack-CVE
项目描述:Databasir is a database metadata management platform. Databasir <= 1.06 has Server-Side Request Forgery (SSRF) vulnerability. The SSRF is triggered by a sending a **single** HTTP POST request to create a databaseType. By supplying a `jdbcDriverFileUrl` that returns a non `200` response code, the url is executed, the re CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-31196
#CVE_2022
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:This package is a PrestaShop module that allows users to post reviews and rate products. There is a vulnerability where the attacker could steal an administrator's cookie. The issue is fixed in version 5.0.2. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-35933
#CVE_2022
创建者:Live-Hack-CVE
项目描述:This package is a PrestaShop module that allows users to post reviews and rate products. There is a vulnerability where the attacker could steal an administrator's cookie. The issue is fixed in version 5.0.2. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-35933
#CVE_2022
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:There is a NULL pointer dereference in aes256_encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVP_CIPHER_CTX_new. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-39829
#CVE_2022
创建者:Live-Hack-CVE
项目描述:There is a NULL pointer dereference in aes256_encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVP_CIPHER_CTX_new. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-39829
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-39829: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:The Visual Portfolio, Photo Gallery & Post Grid WordPress plugin before 2.18.0 does not have proper authorisation checks in some of its REST endpoints, allowing unauthenticated users to call them and inject arbitrary CSS in arbitrary saved layouts CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-2543
#CVE_2022
创建者:Live-Hack-CVE
项目描述:The Visual Portfolio, Photo Gallery & Post Grid WordPress plugin before 2.18.0 does not have proper authorisation checks in some of its REST endpoints, allowing unauthenticated users to call them and inject arbitrary CSS in arbitrary saved layouts CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-2543
#CVE_2022
GitHub
GitHub - Live-Hack-CVE/CVE-2022-2543: This repository contains a collection of data files on known Common Vulnerabilities and Exposures…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
👍1
渗透/安全推送中心 @cvebird
创建者:CryptoH4ck3r
项目描述:Here is the walk through sheet for the "Red Team Recon" Room on TryHackMe!
项目链接:https://github.com/CryptoH4ck3r/RedTeamRecon
#red_team #pentesting #recon #reconnaissance #redteam #tryhackme #tryhackme_answers
创建者:CryptoH4ck3r
项目描述:Here is the walk through sheet for the "Red Team Recon" Room on TryHackMe!
项目链接:https://github.com/CryptoH4ck3r/RedTeamRecon
#red_team #pentesting #recon #reconnaissance #redteam #tryhackme #tryhackme_answers
GitHub
GitHub - 4L13NH4CK3R/RedTeamRecon: Here is the walk through sheet for the "Red Team Recon" Room on TryHackMe!
Here is the walk through sheet for the "Red Team Recon" Room on TryHackMe! - 4L13NH4CK3R/RedTeamRecon
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:InnoSilicon A10 a10_20200924_120556 was discovered to contain a remote code execution (RCE) vulnerability in the setPlatformAPI function. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36602
#rce
创建者:Live-Hack-CVE
项目描述:InnoSilicon A10 a10_20200924_120556 was discovered to contain a remote code execution (RCE) vulnerability in the setPlatformAPI function. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36602
#rce
GitHub
GitHub - Live-Hack-CVE/CVE-2022-36602: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...
渗透/安全推送中心 @cvebird
创建者:Live-Hack-CVE
项目描述:InnoSilicon T3T+ t2t+_soc_20190911_151433.swu was discovered to contain a remote code execution (RCE) vulnerability in the checkUrl function. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36603
#rce
创建者:Live-Hack-CVE
项目描述:InnoSilicon T3T+ t2t+_soc_20190911_151433.swu was discovered to contain a remote code execution (RCE) vulnerability in the checkUrl function. CVE project by @Sn0wAlice
项目链接:https://github.com/Live-Hack-CVE/CVE-2022-36603
#rce
GitHub
GitHub - Live-Hack-CVE/CVE-2022-36603: This repository contains a collection of data files on known Common Vulnerabilities and…
This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such...