Lucene search
+L

1398893 matches found

Nuclei
Nuclei
added yesterday92 views

WP-Recall <= 16.26.5 - SQL Injection

The WP-Recall Registration, Profile, Commerce & More plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 16.26.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...

9.3CVSS5.7AI score0.05851EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday29 views

Ruijie RG-NBS2009G-P - Improper Authentication

An issue in Ruijie RG-NBS2009G-P RGOS v.10.41P2 Release9736 allows a remote attacker to gain privileges via the system/configmenu.htm. id: CVE-2024-24116 info: name: Ruijie RG-NBS2009G-P - Improper Authentication author: friea severity: critical description: | An issue in Ruijie RG-NBS2009G-P RGO...

9.8CVSS5.4AI score0.28214EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday19 views

LoLLMS WebUI < 9.8 - Path Traversal

parisneo/lollms-webui contains a path traversal caused by improper handling of 'category' parameter in /listpersonalities endpoint, letting attackers list arbitrary directories, exploit requires control over 'category' parameter. id: CVE-2024-4322 info: name: LoLLMS WebUI 9.8 - Path Traversal...

7.5CVSS7.4AI score0.30987EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday15 views

OneNav v0.9.35-20240318 - Server-Side Request Forgery (SSRF)

OneNav v0.9.35-20240318 is vulnerable to server-side request forgery SSRF via the url parameter in the getlinkinfo API. An attacker can force the server to make arbitrary requests, potentially accessing internal resources. id: CVE-2024-33832 info: name: OneNav v0.9.35-20240318 - Server-Side Reque...

6.3CVSS5.5AI score0.0072EPSS
Exploits0References2
Nuclei
Nuclei
added yesterday44 views

Chartify – WordPress Chart Plugin < 2.9.6 - Local File Inclusion

The Chartify – WordPress Chart Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.9.5 via the 'source' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the executio...

9.8CVSS9.3AI score0.04841EPSS
Exploits3References4
Nuclei
Nuclei
added yesterday17 views

Zimbra Collaboration - Cross-Site Scripting (XSS)

An issue was discovered in Zimbra Collaboration ZCS 9.0 and 10.0. A Cross-Site Scripting XSS vulnerability exists in the CalendarInvite feature of the Zimbra webmail classic user interface, because of improper input validation in the handling of the calendar header. An attacker can exploit this v...

6.1CVSS7AI score0.19543EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday22 views

CodiMD <2.5.4 - Insecure Filename Randomization

CodiMD does not require valid authentication to access uploaded images or to upload new image data. An attacker who can determine an uploaded image's URL can gain unauthorised access to uploaded image data. Due to the insecure random filename generation in the underlying Formidable library, an...

5.3CVSS5.4AI score0.01158EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday82 views

Horde Groupware Unauthenticated Admin Access

Horde Groupware contains an administrative account with a blank password, which allows remote attackers to gain access. id: CVE-2005-3344 info: name: Horde Groupware Unauthenticated Admin Access author: pikpikcu severity: critical description: Horde Groupware contains an administrative account wi...

10CVSS5.3AI score0.07986EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday43 views

NewStatPress <0.9.9 - Cross-Site Scripting

WordPress NewStatPress plugin before 0.9.9 contains a cross-site scripting vulnerability in includes/nspsearch.php. The plugin allows remote authenticated users to inject arbitrary web script or HTML via the where1 parameter in the nspsearch page to wp-admin/admin.php. id: CVE-2015-4063 info: nam...

3.5CVSS5.1AI score0.06188EPSS
Exploits6References5
Nuclei
Nuclei
added yesterday60 views

Phoenix Framework - Open Redirect

Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 contain an open redirect vulnerability, which may result in phishing or social engineering attacks. id: CVE-2017-1000163 info: name: Phoenix Framework - Open Redirect author: 0xAkoko severity: medium...

6.1CVSS6.1AI score0.0206EPSS
Exploits0References4
Nuclei
Nuclei
added yesterday35 views

Fortinet FortiOS < 5.6.0 - Cross-Site Scripting

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to Execute unauthorized code or commands via the action input during the activation of a FortiToken. id: CVE-2017-3132 info: name: Fortinet FortiOS 5.6.0 - Cross-Site Scripting author: ritikchaddh...

6.1CVSS6.2AI score0.08112EPSS
Exploits5References2
Nuclei
Nuclei
added yesterday61 views

OpenDreambox 2.0.0 - Remote Code Execution

OpenDreambox 2.0.0 is susceptible to remote code execution via the webadmin plugin. Remote attackers can execute arbitrary OS commands via shell metacharacters in the command parameter to the /script URI in enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py. id: CVE-2017-14135 info: nam...

10CVSS9.6AI score0.21842EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday43 views

WordPress Custom 404 Pro <= 3.11.1 - Reflected XSS

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Kunal Nagar Custom 404 Pro allows Reflected XSS.This issue affects Custom 404 Pro: from n/a through 3.11.1. id: CVE-2024-39646 info: name: WordPress Custom 404 Pro = 3.11.1 - Reflected XSS...

7.1CVSS5.2AI score0.00624EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday76 views

WPS Hide Login <= 1.9.15.2 - Login Page Disclosure

The WPS Hide Login plugin for WordPress is vulnerable to Login Page Disclosure in all versions up to, and including, 1.9.15.2. This is due to a bypass that is created when the 'action=postpass' parameter is supplied. This makes it possible for attackers to easily discover any login page that may...

5.3CVSS5.3AI score0.01235EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday270 views

Node.js Embedded JavaScript 3.1.6 - Template Injection

Node.js Embedded JavaScript 3.1.6 is susceptible to server-side template injection via settingsview optionsoutputFunctionName, which is parsed as an internal option and overwrites the outputFunctionName option with an arbitrary OS command, which is then executed upon template compilation. id:...

9.8CVSS7AI score0.32808EPSS
Exploits7References5
Nuclei
Nuclei
added yesterday16 views

HT Mega < 3.0.7 - Sensitive Information Disclosure

The HT Mega plugin for WordPress is vulnerable to Sensitive Information Exposure via AJAX actions. This template dynamically extracts the security nonce before exploitation. id: CVE-2026-4106 info: name: HT Mega 3.0.7 - Sensitive Information Disclosure author: EFETR severity: high description: |...

5.3CVSS5.2AI score0.00742EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday24 views

Apache OFBiz - XML External Entity Injection

The /webtools/control/xmlrpc endpoint in OFBiz XML-RPC event handler is exposed to External Entity Injection by passing DOCTYPE declarations with executable payloads that discloses the contents of files in the filesystem. In addition, it can also be used to probe for open network ports, and figur...

7.5CVSS7.3AI score0.1591EPSS
Exploits0References2
Nuclei
Nuclei
added yesterday14 views

Vite dev server - Cross-Site Scripting

Vite's dev server, when used with appType: 'custom' and manually invoking server.transformIndexHtml using the unmodified request URL, is vulnerable to XSS via a crafted URL payload. If the HTML being served includes an inline module script ..., an attacker can inject a script via the URL,...

6.1CVSS6.6AI score0.00997EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday170 views

WordPress HTML5 Video Player < 2.5.27 - SQL Injection

The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks id: CVE-2024-5522 info: name: WordPress HTML5 Video Player 2.5.27 - SQL Injection...

6.5CVSS5.6AI score0.02618EPSS
Exploits6References2
Nuclei
Nuclei
added yesterday40 views

Etherpad Lite <1.6.4 - Admin Authentication Bypass

Etherpad Lite before 1.6.4 is exploitable for admin access. id: CVE-2018-9845 info: name: Etherpad Lite 1.6.4 - Admin Authentication Bypass author: philippedelteil severity: critical description: Etherpad Lite before 1.6.4 is exploitable for admin access. impact: | An attacker can bypass the admi...

9.8CVSS8.5AI score0.13132EPSS
Exploits0References5
Rows per page
Query Builder