Lucene search
K

239603 matches found

Nuclei
Nuclei
added 9 hours ago42 views

TI WooCommerce Wishlist <= 2.9.2 - Arbitrary File Upload

TemplateInvaders TI WooCommerce Wishlist = 2.10.0 contains an unrestricted file upload vulnerability caused by lack of proper file type validation, letting attackers upload web shells to the server, exploit requires no special privileges. id: CVE-2025-47577 info: name: TI WooCommerce Wishlist =...

10CVSS7.3AI score0.04913EPSS
Exploits2References3
Nuclei
Nuclei
added 9 hours ago9 views

mcp-atlassian < 0.17.0 - Server-Side Request Forgery

MCP Atlassian 0.17.0 contains a server-side request forgery caused by improper validation of custom HTTP headers in the HTTP middleware, letting unauthenticated attackers force outbound requests to arbitrary URLs, exploit requires access to the mcp-atlassian HTTP endpoint. id: CVE-2026-27826 info...

9CVSS6.2AI score0.13589EPSS
Exploits2References4
Nuclei
Nuclei
added 9 hours ago17 views

MaNGOSWebV4 < 4.0.8 - Cross-Site Scripting

paintballrefjosh/MaNGOSWebV4 4.0.8 contains a reflected XSS caused by unsanitized input in install/index.php step parameter, letting attackers execute arbitrary scripts in the victim's browser, exploit requires victim to visit a maliciously crafted URL id: CVE-2017-6478 info: name: MaNGOSWebV4...

6.1CVSS6.6AI score0.02574EPSS
Exploits6References4
Nuclei
Nuclei
added 9 hours ago15 views

Label Studio < 1.16.0 - Cross-Site Scripting

Label Studio prior to version 1.16.0 contains a cross-site scripting caused by rendering unsanitized user-provided HTML in the /projects/upload-example endpoint, letting attackers execute arbitrary JavaScript via crafted labelconfig in a GET request, exploit requires victims to visit malicious UR...

6.1CVSS6AI score0.01778EPSS
Exploits2References2
Nuclei
Nuclei
added 9 hours ago13 views

sar2html <=3.2.2 Plot Parameter - Remote Code Execution

sar2html version 3.2.2 and prior contains an OS command injection vulnerability in the plot parameter of index.php. A remote, unauthenticated attacker can append shell metacharacters to the plot parameter and execute arbitrary operating system commands. id: CVE-2025-34030 info: name: sar2html...

10CVSS7.4AI score0.59067EPSS
Exploits1References5
Nuclei
Nuclei
added 9 hours ago7 views

LearnPress < 4.3.7 - Information Disclosure

LearnPress WordPress plugin 4.3.7 contains an information disclosure vulnerability caused by missing capability checks on a REST endpoint, letting unauthenticated visitors retrieve sensitive user role and capability data via crafted requests. id: CVE-2026-8383 info: name: LearnPress 4.3.7 -...

5.3CVSS5.9AI score0.00424EPSS
Exploits0References2
Nuclei
Nuclei
added 9 hours ago12 views

Multiple Thrive Themes < 2.0.0 - Arbitrary File Upload

Thrive “Legacy” Rise by Thrive Themes WordPress theme before 2.0.0, Luxe by Thrive Themes WordPress theme before 2.0.0, Minus by Thrive Themes WordPress theme before 2.0.0, Ignition by Thrive Themes WordPress theme before 2.0.0, FocusBlog by Thrive Themes WordPress theme before 2.0.0, Squared by...

9.1CVSS7.2AI score0.03946EPSS
Exploits2References2
Nuclei
Nuclei
added 9 hours ago77 views

Mastodon - Open Redirect

Mastodon version 4.5.8, 4.4.15, 4.3.21 is vulnerable to unauthenticated Open Redirect vulnerability CWE-601 exists in the /web/ route due to improper handling of URL-encoded path segments. id: CVE-2026-33868 info: name: Mastodon - Open Redirect author: theamanrawat severity: medium description: |...

6.1CVSS5.9AI score0.00515EPSS
Exploits0References2
Nuclei
Nuclei
added 9 hours ago18 views

SolarWinds Web Help Desk < 12.8.8 Hotfix 1 (HF1) - Security Control Bypass

SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that if exploited, could allow an unauthenticated attacker to gain access to certain restricted functionality. id: CVE-2025-40536 info: name: SolarWinds Web Help Desk 12.8.8 Hotfix 1 HF1 - Security...

9.8CVSS7.3AI score0.8413EPSS
Exploits4References3
Nuclei
Nuclei
added 9 hours ago11 views

FUXA <= 1.2.7 - Hardcoded JWT Secret Authentication Bypass

FUXA v1.2.7 contains a hardcoded credentials vulnerability caused by use of a hard-coded secret key in server/api/jwt-helper.js, letting remote attackers forge admin tokens and bypass authentication, exploit requires no special conditions. id: CVE-2025-69971 info: name: FUXA = 1.2.7 - Hardcoded J...

9.8CVSS6AI score0.02036EPSS
Exploits0References3
Nuclei
Nuclei
added 9 hours ago7 views

Karel IP Phone IP1211 Web Management Panel - Local File Inclusion

Karel IP Phone IP1211 Web Management Panel is vulnerable to local file inclusion and can allow remote attackers to access arbitrary files stored on the remote device via the 'cgiServer.exx' endpoint and the 'page' parameter. id: CVE-2025-34023 info: name: Karel IP Phone IP1211 Web Management Pane...

8.5CVSS6.1AI score0.01409EPSS
Exploits0References3
Nuclei
Nuclei
added 9 hours ago25 views

Control Web Panel (CWP) - File Inclusion

In CWP Control Web Panel, previously CentOS Web Panel before version 0.9.8.1107, an unauthenticated attacker can abuse null byte %00 injection with the "scripts" parameter in the /user/loader.php or /user/login.php endpoints to register arbitrary API keys or access sensitive files. This can be...

9.8CVSS7.7AI score0.70947EPSS
Exploits1References2
Nuclei
Nuclei
added 9 hours ago23 views

Hongjing e-HR 2020 - SQL Injection

A vulnerability, which was classified as critical, has been found in Hongjing e-HR 2020. Affected by this issue is some unknown functionality of the file /wselfservice/oauthservlet/%2e./.%2e/general/inform/org/loadhistroyorgtree of the component Login Interface. The manipulation of the argument...

9.8CVSS6.6AI score0.03766EPSS
Exploits1References2
Nuclei
Nuclei
added 9 hours ago15 views

Liferay Portal - Open Redirect

HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.18, and older unsupported versions, and Liferay DXP 7.4 before update 19, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions can be circumvented by using the 'REPLACEMENT CHARACTER' U+FFFD, which allows remote...

6.1CVSS6.6AI score0.0096EPSS
Exploits0References4
Nuclei
Nuclei
added 9 hours ago10 views

LibreChat <= 0.7.9 - HTML Injection via Accept-Language Header

danny-avila/librechat 0.7.9 contains a stored XSS caused by improper sanitization of the Accept-Language header, letting logged-in users inject arbitrary HTML into the html lang= tag, exploit requires user to be logged in. id: CVE-2025-8848 info: name: LibreChat marker"...

5.4CVSS6AI score0.00423EPSS
Exploits1References3
Nuclei
Nuclei
added 9 hours ago15 views

Episerver 7 - Blind XML External Entity Injection

Episerver 7 patch 4 and earlier contains an XML external entity XXE caused by processing crafted DTD in XML requests involving util/xmlrpc/Handler.ashx, letting remote attackers read arbitrary files, exploit requires sending malicious XML payloads. id: CVE-2017-17762 info: name: Episerver 7 - Bli...

7.5CVSS7.2AI score0.04648EPSS
Exploits1References3
Nuclei
Nuclei
added 9 hours ago22 views

ChanCMS <= 3.3.0 - SQL Injection

yanyutao0402 ChanCMS = 3.3.0 contains a SQL injection caused by manipulation of the "key" argument in app/modules/api/service/Api.js Search function, letting remote attackers execute arbitrary SQL commands, exploit requires crafted request. id: CVE-2025-10210 info: name: ChanCMS = 3.3.0 - SQL...

8.8CVSS6.8AI score0.01195EPSS
Exploits0References4
Nuclei
Nuclei
added 9 hours ago14 views

Zimbra - Cross-Site Scripting via ICS Files

Detects Zimbra Collaboration Suite versions vulnerable to CVE-2025-27915, a stored XSS vulnerability in the Classic Web Client due to insufficient sanitization of HTML content in ICS files. When a user views an email with a malicious ICS entry, embedded JavaScript executes via an ontoggle event...

5.4CVSS6.8AI score0.04241EPSS
Exploits1References3
Nuclei
Nuclei
added 9 hours ago19 views

Employee Records System 1.0 - Unauthenticated File Upload RCE

Employee Records System version 1.0 contains an unrestricted file upload vulnerability in uploadID.php that allows remote unauthenticated attackers to upload arbitrary PHP files and achieve remote code execution. id: CVE-2021-4462 info: name: Employee Records System 1.0 - Unauthenticated File...

9.8CVSS6.3AI score0.03054EPSS
Exploits2References2
Nuclei
Nuclei
added 9 hours ago14 views

Kramer VIAware - Privilege Escalation and Remote Code Execution

Kramer VIAware, all tested versions, allow privilege escalation and remote code execution due to misconfigured sudo permissions. Attackers can execute arbitrary system commands remotely if the web interface is accessible, due to vulnerabilities in the handling of privileged operations through...

10CVSS8.1AI score0.70753EPSS
Exploits5References5
Rows per page
Query Builder