Lucene search
K

42064 matches found

Nuclei
Nuclei
added 9 hours ago54 views

Telaen => v1.3.1 - Open Redirect

Open Redirection Vulnerability in the redir.php script in Telaen before 1.3.1 allows remote attackers to redirect victims to arbitrary websites via a crafted URL. id: CVE-2013-2621 info: name: Telaen = v1.3.1 - Open Redirect author: ctflearner severity: medium description: | Open Redirection...

6.1CVSS6.6AI score0.10692EPSS
Exploits4References3
Nuclei
Nuclei
added 9 hours ago78 views

Cisco Small Business 200,300 and 500 Series Switches - Open Redirect

Cisco Small Business 200,300 and 500 Series Switches contain an open redirect vulnerability in the Web UI. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2019-1943 info: name: Cisco Small...

6.1CVSS6.2AI score0.1051EPSS
Exploits3References4
Nuclei
Nuclei
added 9 hours ago23 views

WordPress AcyMailing <7.5.0 - Open Redirect

WordPress AcyMailing plugin before 7.5.0 contains an open redirect vulnerability due to improper sanitization of the redirect parameter. An attacker turning the request from POST to GET can craft a link containing a potentially malicious landing page and send it to the user. id: CVE-2021-24288...

6.1CVSS6.5AI score0.01939EPSS
Exploits2References4
Nuclei
Nuclei
added 9 hours ago23 views

Orange Forum 1.4.0 - Open Redirect

Orange Forum 1.4.0 contains an open redirect vulnerability in views/auth.go via the next parameter to /login or /signup. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2018-14474 info: nam...

6.1CVSS6.3AI score0.02257EPSS
Exploits1References5
Nuclei
Nuclei
added 9 hours ago46 views

GetSimple CMS 3.3.13 - Open Redirect

GetSimple CMS 3.3.13 contains an open redirect vulnerability via the admin/index.php redirect parameter. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2019-9915 info: name: GetSimple CMS...

6.1CVSS6.3AI score0.03626EPSS
Exploits0References5
Nuclei
Nuclei
added 9 hours ago44 views

DotCMS < 5.0.2 - Open Redirect

dotCMS before 5.0.2 contains multiple open redirect vulnerabilities via the html/common/forwardjs.jsp FORWARDURL parameter or the html/portlet/ext/common/pagepreviewpopup.jsp hostname parameter. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify...

6.1CVSS6.3AI score0.03717EPSS
Exploits1References3
Nuclei
Nuclei
added 9 hours ago26 views

OpenText Documentum Administrator 7.2.0180.0055 - Open Redirect

OpenText Documentum Administrator 7.2.0180.0055 is susceptible to multiple open redirect vulnerabilities. An attacker can redirect a user to a malicious site and potentially obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2017-14524 info: name: OpenText...

6.1CVSS6.3AI score0.0294EPSS
Exploits2References5
Nuclei
Nuclei
added 9 hours ago33 views

OpenCATS - Open Redirect

OpenCATS contains an open redirect vulnerability due to improper validation of user-supplied GET parameters. This, in turn, exposes OpenCATS to possible template injection and obtaining sensitive information, modifying data, and/or executing unauthorized operations. id: CVE-2023-27292 info: name:...

5.4CVSS6.1AI score0.01027EPSS
Exploits1References3
Nuclei
Nuclei
added 9 hours ago44 views

Rudloff alltube prior to 3.0.1 - Open Redirect

An open redirect vulnerability exists in Rudloff/alltube that could let an attacker construct a URL within the application that causes redirection to an arbitrary external domain via Packagist in versions prior to 3.0.1. id: CVE-2022-0692 info: name: Rudloff alltube prior to 3.0.1 - Open Redirect...

6.1CVSS6.1AI score0.03378EPSS
Exploits1References5
Nuclei
Nuclei
added 9 hours ago32 views

WordPress Anti-Malware Security and Brute-Force Firewall <4.21.83 - Cross-Site Scripting

WordPress Anti-Malware Security and Brute-Force Firewall plugin before 4.21.83 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape some parameters before outputting them back in an admin dashboard. id: CVE-2022-2599 info: name: WordPress Anti-Malware Security an...

6.1CVSS6.3AI score0.0102EPSS
Exploits2References4
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday7 views

Malicious code in ipa-user-collector (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f6740d6a9e24bf6219b8f1c07ef005df676552e1b9656d5e0b1c7b6cfc6f3086 During installation the obfuscated code downloads a malicious executable from a remote location. Code is designed to survive different blocks: first, there is ...

6.2AI score
Exploits0References2
Circl
Circl
added yesterday5 views

CVE-2026-58379

creationtimestamp| type| source ---|---|--- 2026-07-03 19:39:24+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mprceilsjt24 2026-07-03 22:01:58+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mprkdhbnlb2f 2026-07-03 22:30:00+00:00| seen|...

7.3CVSS5.9AI score
Exploits0References3
Nuclei
Nuclei
added 2 days ago38 views

Nagios 5.5.6-5.7.5 - Authenticated Remote Command Injection

Nagios XI 5.5.6 through 5.7.5 is susceptible to authenticated remote command injection. There is improper sanitization of authenticated user-controlled input by a single HTTP request via the file /usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php. This in turn can lead to remot...

9CVSS7.5AI score0.42935EPSS
Exploits8References5
Nuclei
Nuclei
added 2 days ago106 views

Apache HTTP server v2.4.0 to v2.4.39 - Open Redirect

In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL. id: CVE-2019-10098 info: name: Apache HTTP server v2.4.0 to v2.4.39 - Open...

6.1CVSS6.6AI score0.73981EPSS
Exploits1References6
Nuclei
Nuclei
added 2 days ago459 views

Revive Adserver 4.2 - Remote Code Execution

Revive Adserver 4.2 is susceptible to remote code execution. An attacker can send a crafted payload to the XML-RPC invocation script and trigger the unserialize call on the "what" parameter in the "openads.spc" RPC method. This can be exploited to perform various types of attacks, e.g...

9.8CVSS7.5AI score0.57022EPSS
Exploits7References5
Circl
Circl
added 3 days ago3 views

CVE-2026-4629

creationtimestamp| type| source ---|---|--- 2026-07-01 20:57:52+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mpmfsxv4b524 2026-07-02 12:26:59+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpnzqezxyr2d...

6.5CVSS5.8AI score0.0024EPSS
Exploits1References2
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago5 views

Malicious code in vitest-agent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e0165cbb3d6ed37a96889c4b016463706346e1c09413635c31ea1ceedde8774 The package's postinstall script node lib/utils/index.js spawns a detached, stdio-suppressed Node child process that runs...

5.9AI score
Exploits0References3
Cvelist
Cvelist
added 4 days ago31 views

CVE-2025-24815 An unrestricted file upload vulnerability in Nokia MantaRay NM

Nokia MantaRay NM is subject to an unrestricted file upload vulnerability due to insufficient file type validation. Successful exploitation could allow an authenticated attacker to upload malicious files onto the system...

0.00151EPSS
Exploits0References1
CVE
CVE
added 4 days ago8 views

CVE-2025-24815

CVE-2025-24815 affects Nokia MantaRay NM and describes an unrestricted file upload vulnerability caused by insufficient file type validation. The issue could allow an authenticated attacker to upload malicious files onto the system. No remediation details are provided in the supplied documents.

7.8CVSS5.8AI score0.00151EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago6 views

EUVD-2025-210369

Nokia MantaRay NM is subject to an unrestricted file upload vulnerability due to insufficient file type validation. Successful exploitation could allow an authenticated attacker to upload malicious files onto the system...

7.8CVSS5.8AI score0.00151EPSS
Exploits0References1
Rows per page
Query Builder