Lucene search
K

55 matches found

Nuclei
Nuclei
added 8 hours ago22 views

JetBackup <= 2.0.9.7 - Sensitive Information Exposure via Directory Listing

JetBackup WordPress plugin = 2.0.9.9 does not use index files to prevent directory listing in certain configurations, letting malicious actors leak backup files, exploit requires access to the web server. id: CVE-2023-7165 info: name: JetBackup = 2.0.9.7 - Sensitive Information Exposure via...

7.5CVSS7.2AI score0.01915EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2017-7165

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTun...

8.8CVSS7.7AI score0.02689EPSS
Exploits1References2
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-7165 Malicious code in @crabas0npm/aliquid-aliquam-doloremque-aut (npm)

The package @crabas0npm/aliquid-aliquam-doloremque-aut was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/07/10 6:21 a.m.10 views

CVE-2025-7165

A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely...

9.8CVSS7.4AI score0.00454EPSS
Exploits1References1
NVD
NVD
added 2025/07/08 6:15 a.m.5 views

CVE-2025-7165

A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely...

9.8CVSS0.00454EPSS
Exploits1References4
CVE
CVE
added 2025/07/08 6:2 a.m.22 views

CVE-2025-7165

Vulnerability overview: CVE-2025-7165 affects PHPGurukul/Campcodes Cyber Cafe Management System 1.0. The flaw is a SQL injection in the /forgot-password.php endpoint triggered by manipulating the email parameter. This vulnerability is exploitable remotely (network vector) with no authentication, ...

9.8CVSS7.6AI score0.00454EPSS
Exploits1References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/07/03 12:0 a.m.7 views

AlmaLinux 9 : xorg-x11-server-Xwayland (ALSA-2025:7165)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:7165 advisory. xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability CVE-2024-9632 X.Org: Xwayland: Use-after-free of the root cursor...

7.8CVSS7.9AI score0.00894EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2025/05/22 4:47 p.m.8 views

CVE-2020-7165

A iccselectcommand expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

10CVSS8AI score0.06707EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/05/22 12:0 a.m.11 views

Oracle Linux 9 : xorg-x11-server-Xwayland (ELSA-2025-7165)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7165 advisory. - CVE fix for: CVE-2025-26594 RHEL-80204, CVE-2025-26595 RHEL-80187, CVE-2025-26596 RHEL-80190, CVE-2025-26597 RHEL-80193, CVE-2025-26598 RHEL-80195,...

7.8CVSS7.6AI score0.00894EPSS
Exploits0References10
Circl
Circl
added 2024/07/28 9:3 p.m.4 views

CVE-2024-7165

creationtimestamp| type| source ---|---|--- 2024-07-28 21:03:28+00:00| seen| https://t.me/cvedetector/1781...

8.8CVSS6.2AI score0.00532EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/07/28 5:31 p.m.28 views

CVE-2024-7165 SourceCodester School Fees Payment System view_payment.php sql injection

A vulnerability was found in SourceCodester School Fees Payment System 1.0 and classified as critical. This issue affects some unknown processing of the file /viewpayment.php. The manipulation of the argument efid leads to sql injection. The attack may be initiated remotely. The exploit has been...

6.5CVSS0.00532EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/07/28 5:31 p.m.10 views

CVE-2024-7165 SourceCodester School Fees Payment System view_payment.php sql injection

A vulnerability was found in SourceCodester School Fees Payment System 1.0 and classified as critical. This issue affects some unknown processing of the file /viewpayment.php. The manipulation of the argument efid leads to sql injection. The attack may be initiated remotely. The exploit has been...

6.5CVSS7.4AI score0.00532EPSS
Exploits1References4
Circl
Circl
added 2024/02/27 10:26 a.m.6 views

CVE-2023-7165

creationtimestamp| type| source ---|---|--- 2024-02-27 10:26:10+00:00| seen| https://t.me/ctinow/194184 2024-02-27 10:26:29+00:00| seen| https://t.me/ctinow/194198 2026-04-09 03:37:19+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-7165.yam...

7.5CVSS7.3AI score0.01915EPSS
Exploits2References4
NVD
NVD
added 2024/02/27 9:15 a.m.16 views

CVE-2023-7165

The JetBackup WordPress plugin before 2.0.9.9 doesn't use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files...

7.5CVSS6.2AI score0.01915EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/02/27 8:30 a.m.22 views

CVE-2023-7165 JetBackup < 2.0.9.9 - Directory Listing Exposing Backups

The JetBackup WordPress plugin before 2.0.9.9 doesn't use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files...

6.5AI score0.01915EPSS
Exploits2References1
CVE
CVE
added 2024/02/27 8:30 a.m.3850 views

CVE-2023-7165

CVE-2023-7165 affects JetBackup WordPress plugin prior to 2.0.9.9. The vulnerability stems from not using index files to block public directory listings, enabling leakage of backup files from /wp-content/uploads/jetbackup in certain configurations. Patch to 2.0.9.9+ or apply server-side controls ...

7.5CVSS7.4AI score0.01915EPSS
Exploits2References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/11/21 12:0 a.m.34 views

Oracle Linux 8 : cups (ELSA-2023-7165)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7165 advisory. - CVE-2023-32360 cups: Information leak through Cups-Get-Document operation - CVE-2023-34241 cups: use-after-free in cupsdAcceptClient in...

7.5CVSS6.5AI score0.01473EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2022/04/01 12:0 a.m.24 views

Ubuntu: Security Advisory (USN-5356-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.06685EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.13 views

Mageia: Security Advisory (MGASA-2019-0205)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.06685EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.32 views

SUSE: Security Advisory (SUSE-SU-2018:3387-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.7AI score0.69016EPSS
Exploits40References18
Rows per page
Query Builder