Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

45 matches found

RedhatCVE
RedhatCVEadded 2026/02/09 7:23 p.m.6 views

CVE-2026-2145

A vulnerability was identified in cym1102 nginxWebUI up to 4.3.7. The impacted element is an unknown function of the file /adminPage/conf/check of the component Web Management Interface. Such manipulation of the argument nginxDir leads to cross site scripting. The attack can be executed remotely...

5.4CVSS3.6AI score0.00264EPSS
Exploits1References1
OSV
OSVadded 2026/02/08 9:15 a.m.2 views

CVE-2026-2145

A vulnerability was identified in cym1102 nginxWebUI up to 4.3.7. The impacted element is an unknown function of the file /adminPage/conf/check of the component Web Management Interface. Such manipulation of the argument nginxDir leads to cross site scripting. The attack can be executed remotely...

5.4CVSS4AI score
Exploits0References6
NVD
NVDadded 2026/02/08 9:15 a.m.10 views

CVE-2026-2145

A vulnerability was identified in cym1102 nginxWebUI up to 4.3.7. The impacted element is an unknown function of the file /adminPage/conf/check of the component Web Management Interface. Such manipulation of the argument nginxDir leads to cross site scripting. The attack can be executed remotely...

5.4CVSS0.00264EPSS
Exploits1References6
Vulnrichment
Vulnrichmentadded 2026/02/08 9:2 a.m.5 views

CVE-2026-2145 cym1102 nginxWebUI Web Management check cross site scripting

A vulnerability was identified in cym1102 nginxWebUI up to 4.3.7. The impacted element is an unknown function of the file /adminPage/conf/check of the component Web Management Interface. Such manipulation of the argument nginxDir leads to cross site scripting. The attack can be executed remotely...

5.1CVSS3.4AI score0.00264EPSS
Exploits1References6
Cvelist
Cvelistadded 2026/02/08 9:2 a.m.33 views

CVE-2026-2145 cym1102 nginxWebUI Web Management check cross site scripting

A vulnerability was identified in cym1102 nginxWebUI up to 4.3.7. The impacted element is an unknown function of the file /adminPage/conf/check of the component Web Management Interface. Such manipulation of the argument nginxDir leads to cross site scripting. The attack can be executed remotely...

5.1CVSS0.00264EPSS
Exploits1References6
CVE
CVEadded 2026/02/08 9:2 a.m.14 views

CVE-2026-2145

CVE-2026-2145 affects cym1102 nginxWebUI up to version 4.3.7. The vulnerability lies in an unknown function handling the nginxDir argument in the /adminPage/conf/check component of the Web Management Interface, enabling remote cross-site scripting (XSS). Public exploits exist. Proof-of-concept ex...

5.4CVSS3.4AI score0.00264EPSS
Exploits1References6Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/02/08 9:2 a.m.4 views

CVE-2026-2145

A vulnerability was identified in cym1102 nginxWebUI up to 4.3.7. The impacted element is an unknown function of the file /adminPage/conf/check of the component Web Management Interface. Such manipulation of the argument nginxDir leads to cross site scripting. The attack can be executed remotely...

5.1CVSS3.4AI score0.00264EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologiesadded 2026/02/08 12:0 a.m.8 views

PT-2026-6971

Name of the Vulnerable Software and Affected Versions cym1102 nginxWebUI versions through 4.3.7 Description A cross site scripting issue exists in cym1102 nginxWebUI. The issue is related to manipulation of the nginxDir argument within an unknown function of the file /adminPage/conf/check, part o...

5.1CVSS4.5AI score0.00264EPSS
Exploits1References8
EUVD
EUVDadded 2025/10/03 8:7 p.m.6 views

EUVD-2024-32313

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.02891EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.6 views

EUVD-2024-32312

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00517EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2024-32314

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00815EPSS
Exploits1References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2024-32310

Malicious code in bioql PyPI...

7.5CVSS4.9AI score0.00918EPSS
Exploits1References4
RedhatCVE
RedhatCVEadded 2025/05/23 10:13 a.m.6 views

CVE-2024-3740

A vulnerability, which was classified as critical, has been found in cym1102 nginxWebUI up to 3.9.9. This issue affects the function exec of the file /adminPage/conf/reload. The manipulation of the argument nginxExe leads to deserialization. The attack may be initiated remotely. The exploit has...

6.5CVSS6.9AI score0.00815EPSS
Exploits1
RedhatCVE
RedhatCVEadded 2025/05/23 10:13 a.m.6 views

CVE-2024-3739

A vulnerability classified as critical was found in cym1102 nginxWebUI up to 3.9.9. This vulnerability affects unknown code of the file /adminPage/main/upload. The manipulation of the argument file leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed...

6.5CVSS7.7AI score0.02891EPSS
Exploits1
RedhatCVE
RedhatCVEadded 2025/05/23 10:13 a.m.6 views

CVE-2024-3736

A vulnerability was found in cym1102 nginxWebUI up to 3.9.9. It has been declared as problematic. Affected by this vulnerability is the function upload of the file /adminPage/main/upload. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been...

4.3CVSS7AI score0.00918EPSS
Exploits1
RedhatCVE
RedhatCVEadded 2025/05/23 10:13 a.m.4 views

CVE-2024-3737

A vulnerability was found in cym1102 nginxWebUI up to 3.9.9. It has been rated as critical. Affected by this issue is the function findCountByQuery of the file /adminPage/www/addOver. The manipulation of the argument dir leads to path traversal. The attack may be launched remotely. The exploit ha...

6.5CVSS6.9AI score0.009EPSS
Exploits1
RedhatCVE
RedhatCVEadded 2025/02/05 10:10 a.m.7 views

CVE-2024-3738

A vulnerability classified as critical has been found in cym1102 nginxWebUI up to 3.9.9. This affects the function handlePath of the file /adminPage/conf/saveCmd. The manipulation of the argument nginxPath leads to improper certificate validation. It is possible to initiate the attack remotely. T...

7.5CVSS6.9AI score0.00517EPSS
Exploits1
CNVD
CNVDadded 2024/04/16 12:0 a.m.5 views

nginxWebUI Trust Management Issue Vulnerability

nginxWebUI is an nginx web configuration tool. A trust management issue vulnerability exists in nginxWebUI, which stems from improper certificate validation of the nginxPath parameter of the handlePath method of the /adminPage/conf/saveCmd file. An attacker could exploit this vulnerability to cau...

9.8CVSS6.5AI score0.00517EPSS
Exploits1References1
CNVD
CNVDadded 2024/04/16 12:0 a.m.6 views

nginxWebUI path traversal vulnerability

nginxWebUI is an nginx web configuration tool. A path traversal vulnerability exists in nginxWebUI, which stems from the failure of the dir parameter of the findCountByQuery method of the /adminPage/www/addOver file to correctly filter for special elements in the path of a resource or file. An...

9.8CVSS6.8AI score0.009EPSS
Exploits1References1
CNVD
CNVDadded 2024/04/16 12:0 a.m.6 views

nginxWebUI deserialization vulnerability

nginxWebUI is an nginx web configuration tool. A deserialization vulnerability exists in nginxWebUI version 3.9.9, which originates from the unsafe deserialization of the nginxExe parameter of the /adminPage/conf/reload file when receiving serialized data submitted by a user, and can be exploited...

9.8CVSS7.2AI score0.00815EPSS
Exploits1References1
Rows per page
Query Builder