Lucene search
K

144660 matches found

Nuclei
Nuclei
added yesterday11 views

LyLme spage v1.9.5 - Server-Side Request Forgery

LyLme spage v1.9.5 is vulnerable to server-side request forgery SSRF via the url parameter in apply/index.php. An attacker can force the server to make arbitrary requests, potentially accessing internal resources. id: CVE-2024-36675 info: name: LyLme spage v1.9.5 - Server-Side Request Forgery...

9.1CVSS6.1AI score0.01426EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday44 views

InstaWP Connect <= 0.1.0.22 - Unauthenticated Arbitrary File Upload

The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation in the /wp-json/instawp-connect/v1/config REST API endpoint in all versions up to, and including, 0.1.0.22. This makes it possible for...

9.8CVSS6AI score0.05747EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday29 views

iTop - User Enumeration via REST Endpoint

From the webservices/rest.php file, several operations are accessible from an unauthenticated user. One of them is doresetpwd, allowing to reset a user password. This feature can be abused to perform user enumeration when a non-existent user is provided. id: CVE-2024-51739 info: name: iTop - User...

7.5CVSS7.2AI score0.01259EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday10 views

System Dashboard < 2.8.15 - Admin+ Path Traversal

The System Dashboard WordPress plugin before 2.8.15 does not validate user input used in a path, which could allow high privilege users such as admin to perform path traversal attacks an read arbitrary files on the server id: CVE-2024-10708 info: name: System Dashboard 2.8.15 - Admin+ Path...

4.9CVSS7.3AI score0.01974EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday35 views

Nokri – Job Board WordPress Theme <= 1.6.2 - Unauthenticated Arbitrary Password Change

The Nokri – Job Board WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.6.2. This is due to the plugin not properly checking for an empty token value prior updating their details like password. This makes it...

9.8CVSS7.4AI score0.02163EPSS
Exploits0References4
Nuclei
Nuclei
added yesterday25 views

WPMobile.App <= 11.56 - Open Redirect

The WPMobile.App plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 11.56. This is due to insufficient validation on the redirect URL supplied via the 'redirect' parameter. This makes it possible for unauthenticated attackers to redirect users to potentially...

7.2CVSS7.2AI score0.00746EPSS
Exploits0References2
Nuclei
Nuclei
added yesterday40 views

AVM FRITZ!Box 7530 AX - Unauthorized Access

An access control issue in the component /juisboxinfo.xml of AVM FRITZ!Box 7530 AX v7.59 allows attackers to obtain sensitive information without authentication. id: CVE-2024-54767 info: name: AVM FRITZ!Box 7530 AX - Unauthorized Access author: DhiyaneshDK severity: high description: | An access...

7.5CVSS5.9AI score0.01772EPSS
Exploits0References1
Nuclei
Nuclei
added yesterday13 views

ipTIME A2004 - Unauthorized Access

An access control issue in the component /login/hostinfo.cgi of ipTIME A2004 v12.17.0 allows attackers to obtain sensitive information without authentication. id: CVE-2024-54763 info: name: ipTIME A2004 - Unauthorized Access author: ritikchaddha severity: medium description: | An access control...

6.5CVSS5.9AI score0.00746EPSS
Exploits0References2
Nuclei
Nuclei
added yesterday28 views

D-Link DIR-859 - Information Disclosure

A critical information disclosure vulnerability exists in D-Link devices where sensitive device account information including credentials can be retrieved by sending an unauthenticated request to /getcfg.php endpoint with the parameter SERVICES=DEVICE.ACCOUNT. This could allow attackers to obtain...

9.8CVSS7AI score0.32261EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday15 views

WordPress WPMovieLibrary Plugin <= 2.1.4.8 - Cross-Site Scripting

The WPMovieLibrary WordPress plugin through version 2.1.4.8 contains a reflected cross-site scripting vulnerability. The plugin does not properly sanitize and escape the 'order' parameter in the import page before outputting it back, which could allow attackers to execute arbitrary JavaScript cod...

7.1CVSS7.3AI score0.00654EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday23 views

DevDojo Voyager <=1.8.0 - Arbitrary File Read

DevDojo Voyager through 1.8.0 is vulnerable to path traversal at the /admin/compass. id: CVE-2024-55415 info: name: DevDojo Voyager =1.8.0 - Arbitrary File Read author: iamnoooob,rootxharsh,pdresearch severity: high description: | DevDojo Voyager through 1.8.0 is vulnerable to path traversal at t...

5.7CVSS7.4AI score0.14586EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday19 views

DATAGERRY - Improper Access Control

The /rest/rights/ REST API endpoint in Becon DATAGerry through 2.2.0 contains an Incorrect Access Control vulnerability. An attacker can remotely access this endpoint without authentication, leading to unauthorized disclosure of sensitive information. id: CVE-2024-50967 info: name: DATAGERRY -...

6.5CVSS6AI score0.01616EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday29 views

XWiki Platform - Unauthorized Document History Access

A vulnerability in XWiki Platform's REST API allows unauthorized users to access document history information. The REST API endpoint exposes the history of any page including modification times, version numbers, author details username and display name, and version comments, regardless of access...

5.3CVSS5.9AI score0.03417EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday52 views

Mitel MiCollab - Arbitary File Read

The Mitel Collab Arbitrary File Read vulnerability allows an unauthenticated attacker to read arbitrary files from the underlying file system on a Mitel Collab server. Exploiting this flaw involves sending specially crafted requests to the server, bypassing access controls and allowing the attack...

9.8CVSS7AI score0.98067EPSS
Exploits3References3
Nuclei
Nuclei
added yesterday15 views

123Solar 1.8.4.5 - Cross-Site Scripting

123Solar 1.8.4.5 is vulnerable to reflected cross-site scripting XSS via the date1 parameter in detailed.php. Unsanitized user input is reflected in the response, allowing arbitrary JavaScript execution. id: CVE-2024-9007 info: name: 123Solar 1.8.4.5 - Cross-Site Scripting author: ritikchaddha...

5.4CVSS5.9AI score0.00949EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday87 views

MobSF - Path Traversal

MobSF is vulnerable to an issue with apktool CVE-2024-21633 that allows for RCE or arbitrary file writing. It does this through a path traversal vulnerability. This template tests for it by writing to a local file and reading that file. RCE can be achieved by overwriting jadx, as shown in the two...

7.8CVSS7.2AI score0.0132EPSS
Exploits2
Nuclei
Nuclei
added yesterday11 views

WordPress Grow by Tradedoubler Plugin < 2.0.22 - Unauthenticated Local File Inclusion

The Grow by Tradedoubler WordPress plugin through version 2.0.21 is vulnerable to Local File Inclusion via the component parameter. This makes it possible for attackers to include and execute PHP files on the server, allowing the execution of any PHP code in those files. id: CVE-2024-6460 info:...

9.8CVSS6.2AI score0.04826EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday33 views

Discourse Backup File Disclosure Via Default Nginx Configuration

Discourse is an open source platform for community discussion. This vulnerability only impacts Discourse instances configured to use FileStore--LocalStore which means uploads and backups are stored locally on disk. If an attacker knows the name of the Discourse backup file, the attacker can trick...

7.5CVSS7.1AI score0.25431EPSS
Exploits0References2
Nuclei
Nuclei
added yesterday35 views

Shield Security Plugin < 20.0.6 - Cross-Site Scripting

The Shield Security WordPress plugin before 20.0.6 contains a reflected cross-site scripting vulnerability. The plugin does not properly sanitize and escape the 'navsub' parameter in the admin dashboard, allowing authenticated users to execute arbitrary JavaScript in the context of other...

6.1CVSS6AI score0.01444EPSS
Exploits3References3
Nuclei
Nuclei
added yesterday40 views

WordPress Download Manager < 3.3.07 - Unauthenticated Data Exposure

The WordPress Download Manager plugin before version 3.3.07 does not prevent directory listing on web servers that don't use htaccess, allowing unauthorized access to files stored in the download-manager-files directory. id: CVE-2024-13126 info: name: WordPress Download Manager 3.3.07 -...

4.6CVSS6AI score0.00453EPSS
Exploits1References3
Rows per page
Query Builder