Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1393 matches found

Nuclei
Nucleiadded yesterday24 views

Joomla! Component Jimtawl 1.0.2 - Local File Inclusion

A directory traversal vulnerability in the Jimtawl comjimtawl component 1.0.2 Joomla! allows remote attackers to read arbitrary files and possibly unspecified other impacts via a .. dot dot in the task parameter to index.php. id: CVE-2010-4769 info: name: Joomla! Component Jimtawl 1.0.2 - Local...

7.5CVSS6AI score0.05322EPSS
Exploits2References2
Nuclei
Nucleiadded yesterday27 views

Joomla! Component com_jashowcase - Directory Traversal

A directory traversal vulnerability in the JA Showcase comjashowcase component for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter in a jashowcase action to index.php. id: CVE-2010-0943 info: name: Joomla! Component comjashowcase - Directory...

5CVSS5.9AI score0.0265EPSS
Exploits1References4
Nuclei
Nucleiadded yesterday32 views

Joomla! Component com_abbrev - Local File Inclusion

A directory traversal vulnerability in the Abbreviations Manager comabbrev component 1.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-0985 info: name: Joomla! Component comabbrev - Local Fi...

7.5CVSS6.1AI score0.04856EPSS
Exploits1References5
Nuclei
Nucleiadded yesterday17 views

Joomla! Component com_communitypolls 1.5.2 - Local File Inclusion

A directory traversal vulnerability in the Community Polls comcommunitypolls component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1081 info: name: Joomla! Component...

5CVSS6AI score0.04937EPSS
Exploits1References4
Nuclei
Nucleiadded yesterday107 views

Joomla! Component Visites 1.1 - MosConfig_absolute_path Remote File Inclusion

A PHP remote file inclusion vulnerability in core/include/myMailer.class.php in the Visites comjoomla-visites component 1.1 RC2 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter. id: CVE-2010-2918 info: name: Joomla! Component Visit...

7.5CVSS6.2AI score0.01604EPSS
Exploits1References5
Nuclei
Nucleiadded yesterday32 views

Joomla! Component PowerMail Pro 1.5.3 - Local File Inclusion

A directory traversal vulnerability in the givesight PowerMail Pro compowermail component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1532 info: name: Joomla!...

5CVSS6AI score0.02667EPSS
Exploits2References4
Nuclei
Nucleiadded yesterday24 views

DomainMOD 4.11.01 - Cross-Site Scripting

DomainMOD 4.11.01 contains a cross-site scripting vulnerability via /domain//admin/dw/add-server.php DisplayName parameters. id: CVE-2018-19892 info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD 4.11.01 contains a cross-site scripti...

4.8CVSS6AI score0.01183EPSS
Exploits5References4
Nuclei
Nucleiadded yesterday28 views

DomainMOD <=4.11.01 - Cross-Site Scripting

DomainMOD through version 4.11.01 is vulnerable to cross-site scripting via the assets/edit/host.php Web Host Name or Web Host URL field. id: CVE-2018-19915 info: name: DomainMOD =4.11.02 to mitigate this vulnerability. reference: - https://github.com/domainmod/domainmod/issues/87 -...

4.8CVSS6AI score0.00284EPSS
Exploits5References5
Nuclei
Nucleiadded yesterday34 views

Apache Tika < 1.1.8 - Header Command Injection

Apache Tika versions 1.7 to 1.17 allow clients to send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to untrusted clients. i...

9.3CVSS7.2AI score0.93876EPSS
Exploits10References5
Nuclei
Nucleiadded yesterday23 views

DomainMOD 4.11.01 - Cross-Site Scripting

DomainMOD through 4.11.01 contains a cross-site scripting vulnerability via the assets/add/registrar.php notes field for Registrar. id: CVE-2018-19752 info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD through 4.11.01 contains a...

4.8CVSS6AI score0.00236EPSS
Exploits6References4
Nuclei
Nucleiadded yesterday25 views

Joomla! Component JProject Manager 1.0 - Local File Inclusion

A directory traversal vulnerability in the Ternaria Informatica JProject Manager comjprojectmanager component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1469 inf...

6.8CVSS6AI score0.02897EPSS
Exploits2References5
Nuclei
Nucleiadded yesterday19 views

DomainMOD 4.11.01 - Cross-Site Scripting

DomainMOD through version 4.11.01 is vulnerable to cross-site scripting via the /assets/add/ssl-provider.php ssl-provider-name and ssl-provider's-url parameters. id: CVE-2018-20009 info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD...

4.8CVSS6AI score0.00455EPSS
Exploits6References5
Nuclei
Nucleiadded yesterday33 views

Joomla! Component SmartSite 1.0.0 - Local File Inclusion

A directory traversal vulnerability in the SmartSite comsmartsite component 1.0.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1657 info: name: Joomla! Component SmartSite 1.0.0 - Local File Inclusion author:...

5CVSS5.9AI score0.01302EPSS
Exploits1References5
Nuclei
Nucleiadded yesterday26 views

Joomla! Component NoticeBoard 1.3 - Local File Inclusion

A directory traversal vulnerability in the Code-Garage NoticeBoard comnoticeboard component 1.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1658 info: name: Joomla!...

5CVSS6AI score0.02847EPSS
Exploits1References5
Nuclei
Nucleiadded yesterday37 views

Joomla! Component Jphone 1.0 Alpha 3 - Local File Inclusion

A directory traversal vulnerability in jphone.php in the JPhone comjphone component 1.0 Alpha 3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-3426 info: name: Joomla! Component Jphone 1.0...

7.5CVSS6.1AI score0.01112EPSS
Exploits3References5
Nuclei
Nucleiadded yesterday20 views

Joomla! RSfiles <=1.0.2 - Local File Inclusion

Joomla! RSfiles 1.0.2 and earlier is susceptible to local file inclusion in index.php in the RSfiles component comrsfiles. This could allow remote attackers to arbitrarily read files via a .. dot dot in the path parameter in a files.display action. id: CVE-2007-4504 info: name: Joomla! RSfiles...

5CVSS5.8AI score0.00177EPSS
Exploits0References4
Nuclei
Nucleiadded yesterday75 views

Carel pCOWeb <B1.2.4 - Cross-Site Scripting

Carel pCOWeb prior to B1.2.4 is vulnerable to stored cross-site scripting, as demonstrated by the config/pwsnmp.html "System contact" field. id: CVE-2019-11370 info: name: Carel pCOWeb B1.2.4 - Cross-Site Scripting author: arafatansari severity: medium description: | Carel pCOWeb prior to B1.2.4 ...

5.4CVSS6AI score0.06057EPSS
Exploits1References4
Nuclei
Nucleiadded yesterday34 views

Triconsole Datepicker Calendar <3.77 - Cross-Site Scripting

Triconsole Datepicker Calendar before 3.77 contains a cross-site scripting vulnerability in calendarform.php. Attackers can read authentication cookies that are still active, which can be used to perform further attacks such as reading browser history, directory listings, and file contents. id:...

6.1CVSS6.2AI score0.24842EPSS
Exploits3References5
Nuclei
Nucleiadded yesterday29 views

Joomla! MooFAQ 1.0 - Local File Inclusion

Joomla! Ideal MooFAQ 1.0 via commoofaq allows remote attackers to read arbitrary files via a .. dot dot in the file parameter local file inclusion. id: CVE-2009-2015 info: name: Joomla! MooFAQ 1.0 - Local File Inclusion author: daffainfo severity: high description: Joomla! Ideal MooFAQ 1.0 via...

7.5CVSS5.9AI score0.02124EPSS
Exploits1References4
Nuclei
Nucleiadded yesterday35 views

Zyxel VMG1312-B10D 5.13AAXA.8 - Local File Inclusion

Zyxel VMG1312-B10D 5.13AAXA.8 is susceptible to local file inclusion. A remote unauthenticated attacker can send a specially crafted URL request containing "dot dot" sequences /../, conduct directory traversal attacks, and view arbitrary files. id: CVE-2018-19326 info: name: Zyxel VMG1312-B10D...

7.5CVSS7.3AI score0.56584EPSS
Exploits1References5
Rows per page
Query Builder