Live-Hack-CVE/CVE-2022-25926 Versions of the package window-control before 1.4.5 are vulnerable to Command Injection via the sendKeys function, due to improper input sanitization. CVE project by @Sn0wAlice Create: 2023-01-05 04:08:34 +0000 UTC Push: 2023-01-05 04:08:38 +0000 UTC |

Live-Hack-CVE/CVE-2022-22352 IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 22 CVE project by @Sn0wAlice Create: 2023-01-05 04:08:30 +0000 UTC Push: 2023-01-05 04:08:33 +0000 UTC |

Live-Hack-CVE/CVE-2022-22338 IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 219510. CVE project by @Sn0wAlice Create: 2023-01-05 04:08:25 +0000 UTC Push: 2023-01-05 04:08:29 +0000 UTC |

Live-Hack-CVE/CVE-2022-22337 IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 could disclose sensitive information to an authenticated user. IBM X-Force ID: 219507. CVE project by @Sn0wAlice Create: 2023-01-05 04:08:21 +0000 UTC Push: 2023-01-05 04:08:24 +0000 UTC |

Live-Hack-CVE/CVE-2021-38928 IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains. IBM X-Force ID: 210323. CVE project by @Sn0wAlice Create: 2023-01-05 04:08:15 +0000 UTC Push: 2023-01-05 04:08:19 +0000 UTC |

g1vi/CVE-2006-3392-webmin-arbitrary-file-disclosure- Create: 2023-01-05 02:33:28 +0000 UTC Push: 2023-01-05 02:33:28 +0000 UTC |

g1vi/CVE-2006-3392 Webmin < 1.290 / Usermin < 1.220 - Arbitrary file disclosure Create: 2023-01-05 02:33:28 +0000 UTC Push: 2023-01-05 02:42:56 +0000 UTC |

Live-Hack-CVE/CVE-2023-22463 KubePi is a k8s panel. The jwt authentication function of KubePi through version 1.6.2 uses hard-coded Jwtsigkeys, resulting in the same Jwtsigkeys for all online projects. This means that an attacker can forge any jwt token to take over the administrator account of any online project. Furthermore, they may use the adm CVE project by @Sn0wAlice Create: 2023-01-05 01:57:03 +0000 UTC Push: 2023-01-05 01:57:06 +0000 UTC |

Live-Hack-CVE/CVE-2023-0049 Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. CVE project by @Sn0wAlice Create: 2023-01-05 01:56:59 +0000 UTC Push: 2023-01-05 01:57:02 +0000 UTC |

Live-Hack-CVE/CVE-2022-48216 Uniswap Universal Router before 1.1.0 mishandles reentrancy. This would have allowed theft of funds. CVE project by @Sn0wAlice Create: 2023-01-05 01:56:54 +0000 UTC Push: 2023-01-05 01:56:57 +0000 UTC |

sudoninja-noob/CVE-2022-47102 Create: 2023-01-05 01:56:09 +0000 UTC Push: 2023-01-05 01:56:09 +0000 UTC |

sudoninja-noob/CVE-2022-46623 Create: 2023-01-05 01:54:29 +0000 UTC Push: 2023-01-05 01:54:53 +0000 UTC |

sudoninja-noob/CVE-2022-46622 Create: 2023-01-05 01:52:13 +0000 UTC Push: 2023-01-05 01:52:14 +0000 UTC |

sudoninja-noob/CVE-2022-45729 Create: 2023-01-05 01:50:00 +0000 UTC Push: 2023-01-05 01:50:32 +0000 UTC |

sudoninja-noob/CVE-2022-45728 Create: 2023-01-05 01:41:57 +0000 UTC Push: 2023-01-05 01:41:57 +0000 UTC |

Live-Hack-CVE/CVE-2023-0048 Code Injection in GitHub repository lirantal/daloradius prior to master-branch. CVE project by @Sn0wAlice Create: 2023-01-04 23:43:12 +0000 UTC Push: 2023-01-04 23:43:15 +0000 UTC |

Live-Hack-CVE/CVE-2022-29899 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none. CVE project by @Sn0wAlice Create: 2023-01-04 23:43:07 +0000 UTC Push: 2023-01-04 23:43:10 +0000 UTC |

Live-Hack-CVE/CVE-2022-0259 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none. CVE project by @Sn0wAlice Create: 2023-01-04 23:43:02 +0000 UTC Push: 2023-01-04 23:43:05 +0000 UTC |

Live-Hack-CVE/CVE-2021-41986 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none. CVE project by @Sn0wAlice Create: 2023-01-04 23:42:57 +0000 UTC Push: 2023-01-04 23:43:00 +0000 UTC |

Live-Hack-CVE/CVE-2021-41985 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none. CVE project by @Sn0wAlice Create: 2023-01-04 23:42:53 +0000 UTC Push: 2023-01-04 23:42:56 +0000 UTC |