Lucene search
K

63870 matches found

Nuclei
Nuclei
added yesterday12 views

WordPress < 4.8.2 - Authenticated Open Redirect

WordPress versions before 4.8.2 contain an open redirect caused by improper validation in wp-admin/edit-tag-form.php and wp-admin/user-edit.php, letting attackers redirect users to malicious sites, exploit requires access to admin interface. id: CVE-2017-14725 info: name: WordPress 4.8.2 -...

5.4CVSS6.7AI score0.02134EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday71 views

Node.js <8.6.0 - Directory Traversal

Node.js before 8.6.0 allows remote attackers to access unintended files because a change to ".." handling is incompatible with the pathname validation used by unspecified community modules. id: CVE-2017-14849 info: name: Node.js 8.6.0 - Directory Traversal author: RandomRobbie severity: high...

7.5CVSS7AI score0.53416EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday61 views

WordPress Qards - Cross-Site Scripting

WordPress Qards through 2017-10-11 contains a cross-site scripting vulnerability via a remote document specified in the URL parameter to html2canvasproxy.php. id: CVE-2017-18598 info: name: WordPress Qards - Cross-Site Scripting author: pussycat0x severity: medium description: WordPress Qards...

6.1CVSS6.4AI score0.01933EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday20 views

Schneider Electric Pelco VideoXpert Enterprise 2.0 - Path Traversal

Schneider Electric Pelco VideoXpert Enterprise versions 2.0 and prior contain a directory traversal caused by insufficient input validation, letting unauthorized persons view web server files, exploit requires no authentication. id: CVE-2017-9965 info: name: Schneider Electric Pelco VideoXpert...

5.8CVSS6.6AI score0.04612EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday322 views

Apache Tomcat - Remote Code Execution

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled e.g. via setting the readonly initialisation parameter of the Default servlet to false it was possible to upload a JSP file to the server via a specially crafted...

8.1CVSS6.8AI score0.99988EPSS
Exploits23References5
Nuclei
Nuclei
added yesterday26 views

PhpColl 2.5.1 Arbitrary File Upload

PhpCollab 2.5.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in logosclients/ via clients/editclient.php. id: CVE-2017-6090 info: name: PhpColl 2.5.1 Arbitrary File Uplo...

8.8CVSS7.3AI score0.96068EPSS
Exploits9References5
Nuclei
Nuclei
added yesterday63 views

Oracle Fusion Middleware Weblogic Server - Remote OS Command Execution

The Oracle WebLogic Server component of Oracle Fusion Middleware Web Services versions 10.3.6.0, 12.1.3.0, 12.2.1.0, 12.2.1.1 and 12.2.1.2 is susceptible to a difficult to exploit vulnerability that could allow unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic...

7.4CVSS7AI score0.96281EPSS
Exploits9References5
Nuclei
Nuclei
added yesterday254 views

Oracle GlassFish Server Open Source Edition 4.1 - Local File Inclusion

Oracle GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated local file inclusion vulnerabilities that can be exploited by issuing specially crafted HTTP GET requests. id: CVE-2017-1000028 info: name: Oracle GlassFish Server Open Source Edition 4.1 - Loc...

7.5CVSS7AI score0.99479EPSS
Exploits7References5
Nuclei
Nuclei
added yesterday17 views

Intelbras WRN 150 - Authentication Bypass

Intelbras WRN 150 router is vulnerable to authentication bypass through cookie manipulation. An attacker can bypass authentication and download the router configuration file by manipulating the admin:language cookie. id: CVE-2017-14942 info: name: Intelbras WRN 150 - Authentication Bypass author:...

9.8CVSS6.8AI score0.60857EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday40 views

BOA Web Server 0.94.14 - Arbitrary File Access

BOA Web Server 0.94.14 is susceptible to arbitrary file access. The server allows the injection of "../.." using the FILECAMERA variable sent by GET to read files with root privileges and without using access credentials. id: CVE-2017-9833 info: name: BOA Web Server 0.94.14 - Arbitrary File Acces...

7.8CVSS7.1AI score0.68243EPSS
Exploits6References5
Circl
Circl
added 3 days ago7 views

CVE-2017-7253

creationtimestamp| type| source ---|---|--- 2026-07-09 15:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mq7vx533e625...

9CVSS7.2AI score0.02296EPSS
Exploits1References1
Circl
Circl
added 3 days ago6 views

CVE-2017-2850

creationtimestamp| type| source ---|---|--- 2026-07-09 14:07:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mq7slsxo272m...

8.8CVSS7.2AI score0.02194EPSS
Exploits1References1
Circl
Circl
added 3 days ago6 views

CVE-2017-2848

creationtimestamp| type| source ---|---|--- 2026-07-09 13:07:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mq7pakb55i2o...

8.8CVSS7.2AI score0.04527EPSS
Exploits1References1
Circl
Circl
added 3 days ago6 views

CVE-2017-2847

creationtimestamp| type| source ---|---|--- 2026-07-09 12:37:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mq7nkvy5hh2s...

8.8CVSS7.2AI score0.04527EPSS
Exploits2References1
Circl
Circl
added 3 days ago6 views

CVE-2017-2846

creationtimestamp| type| source ---|---|--- 2026-07-09 12:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mq7lvbi36e2o...

8.8CVSS7.2AI score0.04527EPSS
Exploits1References1
Circl
Circl
added 3 days ago7 views

CVE-2017-2845

creationtimestamp| type| source ---|---|--- 2026-07-09 11:37:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mq7k7ms5iz2n...

8.8CVSS7.2AI score0.07233EPSS
Exploits1References1
Circl
Circl
added 3 days ago5 views

CVE-2017-2844

creationtimestamp| type| source ---|---|--- 2026-07-09 11:07:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mq7ijxgciu25...

8.8CVSS7.2AI score0.03439EPSS
Exploits1References1
Circl
Circl
added 3 days ago6 views

CVE-2017-10681

creationtimestamp| type| source ---|---|--- 2026-07-09 01:37:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mq6ioq5lgo2s...

8.8CVSS6.8AI score0.01208EPSS
Exploits1References1
Circl
Circl
added 3 days ago5 views

CVE-2017-10680

creationtimestamp| type| source ---|---|--- 2026-07-09 01:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mq6gz3iouu25...

8.8CVSS7.2AI score0.01208EPSS
Exploits1References1
Circl
Circl
added 3 days ago5 views

CVE-2017-10678

creationtimestamp| type| source ---|---|--- 2026-07-09 00:37:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mq6fdh2sxx2f...

8.8CVSS7.2AI score0.01208EPSS
Exploits1References1
Rows per page
Query Builder