Live-Hack-CVE/CVE-2023-23923 The vulnerability was found Moodle which exists due to insufficient limitations on the "start page" preference. A remote attacker can set that preference for another user. The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality. CVE project by @Sn0wAlice Create: 2023-02-18 06:13:00 +0000 UTC Push: 2023-02-18 06:13:02 +0000 UTC |

Live-Hack-CVE/CVE-2023-23922 The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw allows a remote attack CVE project by @Sn0wAlice Create: 2023-02-18 06:12:56 +0000 UTC Push: 2023-02-18 06:12:58 +0000 UTC |

Live-Hack-CVE/CVE-2023-23921 The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in some returnurl parameters. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw allows a CVE project by @Sn0wAlice Create: 2023-02-18 06:12:52 +0000 UTC Push: 2023-02-18 06:12:55 +0000 UTC |

Live-Hack-CVE/CVE-2023-21451 A Stack-based overflow vulnerability in IpcRxEmbmsSessionList in SECRIL prior to Android S(12) allows attacker to cause memory corruptions. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:49 +0000 UTC Push: 2023-02-18 06:12:51 +0000 UTC |

Live-Hack-CVE/CVE-2023-21420 Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:45 +0000 UTC Push: 2023-02-18 06:12:47 +0000 UTC |

Live-Hack-CVE/CVE-2023-21446 Improper input validation in MyFiles prior to version 12.2.09 in Android R(11), 13.1.03.501 in Android S( 12) and 14.1.00.422 in Android T(13) allows local attacker to access data of MyFiles. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:41 +0000 UTC Push: 2023-02-18 06:12:44 +0000 UTC |

Live-Hack-CVE/CVE-2023-24348 D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetACLFilter. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:38 +0000 UTC Push: 2023-02-18 06:12:40 +0000 UTC |

Live-Hack-CVE/CVE-2023-24349 D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetRoute. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:35 +0000 UTC Push: 2023-02-18 06:12:37 +0000 UTC |

Live-Hack-CVE/CVE-2023-24352 D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWPS. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:31 +0000 UTC Push: 2023-02-18 06:12:33 +0000 UTC |

Live-Hack-CVE/CVE-2023-21445 Improper access control vulnerability in MyFiles prior to versions 12.2.09 in Android R(11), 13.1.03.501 in Android S(12) and 14.1.00.422 in Android T(13) allows local attacker to write file with MyFiles privilege via implicit intent. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:28 +0000 UTC Push: 2023-02-18 06:12:30 +0000 UTC |

Live-Hack-CVE/CVE-2023-24350 D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the config.smtp_email_subject parameter at /goform/formSetEmail. CVE project by @Sn0wAlice Create: 2023-02-18 06:12:24 +0000 UTC Push: 2023-02-18 06:12:26 +0000 UTC |

eduardosantos1989/CVE-2023-22941 In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGEST_EVAL’ parameter in a [Field Transformation](https://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Managefieldtransforms) crashes the Splunk daemon (splunkd). CVE project by @Sn0wAlice Create: 2023-02-18 05:26:05 +0000 UTC Push: 2023-02-18 05:27:43 +0000 UTC |

Live-Hack-CVE/CVE-2021-35261 File Upload Vulnerability in Yupoxion BearAdmin before commit 10176153528b0a914eb4d726e200fd506b73b075 allows attacker to execute arbitrary remote code via the Upfile function of the extend/tools/Ueditor endpoint. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:39 +0000 UTC Push: 2023-02-18 04:02:41 +0000 UTC |

Live-Hack-CVE/CVE-2021-33949 An issue in FeMiner WMS v1.1 allows attackers to execute arbitrary code via the filename parameter and the exec function. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:35 +0000 UTC Push: 2023-02-18 04:02:37 +0000 UTC |

Live-Hack-CVE/CVE-2021-34182 An issue in ttyd v.1.6.3 allows attacker to execute arbitrary code via default configuration permissions. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:31 +0000 UTC Push: 2023-02-18 04:02:34 +0000 UTC |

Live-Hack-CVE/CVE-2021-33948 SQL injection vulnerability in FantasticLBP Hotels Server v1.0 allows attacker to execute arbitrary code via the username parameter. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:28 +0000 UTC Push: 2023-02-18 04:02:30 +0000 UTC |

Live-Hack-CVE/CVE-2021-34164 Permissions vulnerability in LIZHIFAKA v.2.2.0 allows authenticated attacker to execute arbitrary commands via the set password function in the admin/index/email location. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:24 +0000 UTC Push: 2023-02-18 04:02:27 +0000 UTC |

Live-Hack-CVE/CVE-2021-33237 Cross Site Scripting vulnerability in YMFE yapo v1.9.1 allows attacker to execute arbitrary code via the remark parameter of the interface edit page. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:21 +0000 UTC Push: 2023-02-18 04:02:23 +0000 UTC |

Live-Hack-CVE/CVE-2021-33226 Buffer Overflow vulnerability in Saltstack v.3003 and before allows attacker to execute arbitrary code via the func variable in salt/salt/modules/status.py file. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:17 +0000 UTC Push: 2023-02-18 04:02:20 +0000 UTC |

Live-Hack-CVE/CVE-2021-33983 Buffer Overflow vulnerability in Dvidelabs flatcc v.0.6.0 allows local attacker to execute arbitrary code via the fltacc execution of the error_ref_sym function. CVE project by @Sn0wAlice Create: 2023-02-18 04:02:14 +0000 UTC Push: 2023-02-18 04:02:16 +0000 UTC |