Lucene search
K
NucleiRecent

4143 matches found

Nuclei
Nuclei
•added 13 hours ago•38 views

Schools Alert Management Script - Arbitrary File Read

Schools Alert Management Script is susceptible to an arbitrary file read vulnerability via the f parameter in img.php, aka absolute path traversal. id: CVE-2018-12054 info: name: Schools Alert Management Script - Arbitrary File Read author: wisnupramoedya severity: high description: Schools Alert...

7.5CVSS7AI score0.39391EPSS
Exploits4References5
Nuclei
Nuclei
•added 13 hours ago•56 views

LionWiki <3.2.12 - Local File Inclusion

LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted strings in the index.php f1 variable, aka local file inclusion. id: CVE-2020-27191 info: name: LionWiki 3.2.12 - Local File Inclusion author: 0xAkoko severity: high description: LionWiki before...

7.5CVSS7AI score0.08361EPSS
Exploits1References4
Nuclei
Nuclei
•added 13 hours ago•60 views

HotelDruid Hotel Management Software 3.0.3 - Cross-Site Scripting

HotelDruid Hotel Management Software 3.0.3 contains a cross-site scripting vulnerability via the prezzoperiodo4 parameter in creaprezzi.php. id: CVE-2022-26564 info: name: HotelDruid Hotel Management Software 3.0.3 - Cross-Site Scripting author: alexrydzak severity: medium description: | HotelDru...

6.1CVSS6.4AI score0.02759EPSS
Exploits1References5
Nuclei
Nuclei
•added 13 hours ago•69 views

Ubigeo de Peru < 3.6.4 - SQL Injection

The plugin does not properly sanitise and escape some parameters before using them in SQL statements via various AJAX actions, some of which are available to unauthenticated users, leading to SQL Injections. id: CVE-2022-0814 info: name: Ubigeo de Peru 3.6.4 - SQL Injection author: r3Y3r53...

9.8CVSS7.1AI score0.09495EPSS
Exploits2References4
Nuclei
Nuclei
•added 13 hours ago•36 views

Aajoda Testimonials < 2.2.2 - Cross-Site Scripting

The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. id: CVE-2023-2178 info: name: Aajoda Testimonials...

4.8CVSS6.4AI score0.00773EPSS
Exploits2References3
Nuclei
Nuclei
•added 13 hours ago•44 views

GeoServer Demo Request Endpoint - Server Side Request Forgery

It is possible to achieve Server Side Request Forgery SSRF via the Demo request endpoint if Proxy Base URL has not been set. An unauthenticated user can supply a request that will be issued by the server, allowing enumeration of internal networks and, in the case of cloud instances, access to...

8.2CVSS6.9AI score0.01923EPSS
Exploits0References4
Nuclei
Nuclei
•added 13 hours ago•108 views

Grafana <= 6.7.1 - Cross-Site Scripting

Grafana through 6.7.1 contains an unauthenticated stored cross-site scripting vulnerability due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot...

5.4CVSS6.7AI score0.09619EPSS
Exploits0References5
Nuclei
Nuclei
•added 13 hours ago•77 views

MAGMI - Cross-Site Request Forgery

MAGMI Magento Mass Importer is vulnerable to cross-site request forgery CSRF due to a lack of CSRF tokens. Remote code execution via phpcli command is also possible in the event that CSRF is leveraged against an existing admin session. id: CVE-2020-5776 info: name: MAGMI - Cross-Site Request...

8.8CVSS7.3AI score0.14725EPSS
Exploits0References5
Nuclei
Nuclei
•added 13 hours ago•22 views

Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit - Broken Access Control

The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the installoractivateaddonplugins function and a weak nonce hash in all...

9.8CVSS6.1AI score0.02904EPSS
Exploits0References3
Nuclei
Nuclei
•added 13 hours ago•15 views

Ultimate Member < 2.1.12 - Unauthenticated Privilege Escalation via User Meta

An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Unauthenticated Privilege Escalation via User Meta. An attacker could supply an array parameter for sensitive metadata, such as the wpcapabilities user meta that defines a user's role. During the registration...

10CVSS7AI score0.08975EPSS
Exploits2References3
Nuclei
Nuclei
•added 13 hours ago•68 views

Contact Form 7 Drag and Drop Multiple File Upload - Arbitrary File Upload

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 1.3.8.9. This makes it possible for unauthenticated attackers to bypass the plugin's blacklist and...

9.8CVSS6.6AI score0.0509EPSS
Exploits2References3
Nuclei
Nuclei
•added 13 hours ago•12 views

WP BASE Booking - Reflected XSS

WP BASE Booking of Appointments, Services and Events WordPress plugin 5.0.0 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before output, letting attackers execute malicious scripts in high privilege users' browsers, exploit requires victim to...

6.1CVSS7AI score0.00578EPSS
Exploits1References1
Nuclei
Nuclei
•added 13 hours ago•18 views

HyperComments <= 1.2.2 - Arbitrary Options Update

The HyperComments plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the hcrequesthandler function in all versions up to, and including, 1.2.2. This makes it possible for unauthenticated attackers to...

8.8CVSS6.2AI score0.01718EPSS
Exploits4References2
Nuclei
Nuclei
•added 13 hours ago•17 views

iBuildApp <= 0.2.0 - Reflected Cross-Site Scripting

iBuildApp WordPress plugin through 0.2.0 contains a reflected cross-site scripting caused by unsanitized parameter output in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires attacker to craft a malicious URL. id: CVE-2024-13326 info:...

6.1CVSS7AI score0.00567EPSS
Exploits1References2
Nuclei
Nuclei
•added 13 hours ago•105 views

AppCMS - Cross-Site Scripting

AppCMS 2.0.101 has a cross-site scripting vulnerability in \templates\m\inchead.php. id: CVE-2021-45380 info: name: AppCMS - Cross-Site Scripting author: pikpikcu severity: medium description: AppCMS 2.0.101 has a cross-site scripting vulnerability in \templates\m\inchead.php. impact: | Successfu...

6.1CVSS6.4AI score0.02542EPSS
Exploits1References4
Nuclei
Nuclei
•added 13 hours ago•12 views

System Dashboard < 2.8.15 - Admin+ Path Traversal

The System Dashboard WordPress plugin before 2.8.15 does not validate user input used in a path, which could allow high privilege users such as admin to perform path traversal attacks an read arbitrary files on the server id: CVE-2024-10708 info: name: System Dashboard 2.8.15 - Admin+ Path...

4.9CVSS7.1AI score0.0203EPSS
Exploits1References3
Nuclei
Nuclei
•added 13 hours ago•18 views

Newspaper Theme 6.4–6.7.1 - Privilege Escalation

Newspaper Theme versions 6.4 to 6.7.1 for WordPress lacked proper options access control through tdajaxupdatepanel, which led to a Privilege Escalation vulnerability. id: CVE-2016-10972 info: name: Newspaper Theme 6.4–6.7.1 - Privilege Escalation author: pussycat0x severity: critical description:...

9.8CVSS7.1AI score0.09268EPSS
Exploits1References1
Nuclei
Nuclei
•added 13 hours ago•159 views

Adobe Connect < 12.1.5 - Local File Disclosure

Adobe Connect versions 11.4.5 and earlier, 12.1.5 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the integrity of a minor feature. Exploitation of this issue does not...

5.3CVSS6.2AI score0.81875EPSS
Exploits4References4
Nuclei
Nuclei
•added 13 hours ago•29 views

Cockpit - Cross-Site Scripting

Cross-site Scripting XSS - Reflected in GitHub repository cockpit-hq/cockpit prior to 2.6.4. id: CVE-2023-4451 info: name: Cockpit - Cross-Site Scripting author: iamnoooob,pdresearch severity: medium description: | Cross-site Scripting XSS - Reflected in GitHub repository cockpit-hq/cockpit prior...

6.1CVSS6.4AI score0.02287EPSS
Exploits1References5
Nuclei
Nuclei
•added 13 hours ago•30 views

WordPress Plugin Tera Charts - Local File Inclusion

Multiple local file inclusion vulnerabilities in Tera Charts tera-charts plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. dot dot in the fn parameter to 1 charts/treemap.php or 2 charts/zoomabletreemap.php. id: CVE-2014-4940 info: name: WordPress Plugin Tera Charts...

5CVSS7.2AI score0.18734EPSS
Exploits2References4
Nuclei
Nuclei
•added 13 hours ago•127 views

LearnPress Plugin < 4.2.0 - Local File Inclusion

Local File Inclusion vulnerability in LearnPress – WordPress LMS Plugin = 4.1.7.3.2 versions. id: CVE-2022-47615 info: name: LearnPress Plugin 4.2.0 - Local File Inclusion author: DhiyaneshDK severity: critical description: | Local File Inclusion vulnerability in LearnPress – WordPress LMS Plugin...

9.8CVSS7AI score0.05063EPSS
Exploits2References4
Nuclei
Nuclei
•added 13 hours ago•79 views

Uncanny Toolkit for LearnDash - Open Redirection

A vulnerability in the WordPress Uncanny Toolkit for LearnDash Plugin allowed malicious actors to redirect users, posing a potential risk of phishing incidents. The issue has been resolved in version 3.6.4.4, and users are urged to update for security. id: CVE-2023-34020 info: name: Uncanny Toolk...

6.1CVSS6.9AI score0.00963EPSS
Exploits0References3
Nuclei
Nuclei
•added 13 hours ago•25 views

DotNetNuke 9.2 - 9.2.1 - Weak Encryption & Cookie Deserialization

DNN DotNetNuke versions 9.2 through 9.2.1 use a weak encryption algorithm to protect input parameters. This cryptographic weakness enables attackers to craft malicious DNNPersonalization cookies that can be deserialized, leading to remote code execution. id: CVE-2018-15811 info: name: DotNetNuke...

7.5CVSS7.1AI score0.74048EPSS
Exploits4References4
Nuclei
Nuclei
•added 13 hours ago•23 views

OpenAM <= 16.0.5 - Pre-Auth RCE via jato.clientSession Deserialization

Open Access Management OpenAM is an access management solution. Prior to 16.0.6, OpenIdentityPlatform OpenAM is vulnerable to pre-authentication Remote Code Execution RCE via unsafe Java deserialization of the jato.clientSession HTTP parameter. This bypasses the WhitelistObjectInputStream...

10CVSS7.2AI score0.99999EPSS
Exploits10References2
Nuclei
Nuclei
•added 13 hours ago•115 views

Webkul QloApps 1.5.2 - Cross-site Scripting

Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and emailcreate parameters in the AuthController.php file. id: CVE-2023-30256 info: name: Webkul QloApps 1.5.2 - Cross-site Scripting author: theamanrawat...

6.1CVSS6.4AI score0.08731EPSS
Exploits5References5
Nuclei
Nuclei
•added 13 hours ago•48 views

FineCMS <5.0.9 - Open Redirect

FineCMS 5.0.9 contains an open redirect vulnerability via the url parameter in a sync action. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2017-11586 info: name: FineCMS 5.0.9 - Open...

6.1CVSS6.4AI score0.02286EPSS
Exploits1References2
Nuclei
Nuclei
•added 13 hours ago•32 views

Polarisft Intellect Core Banking Software Version 9.7.1 - Open Redirect

Polarisft Intellect Core Banking Software Version 9.7.1 is susceptible to an open redirect issue in the Core and Portal modules via the /IntellectMain.jsp?IntellectSystem= URI. id: CVE-2018-14931 info: name: Polarisft Intellect Core Banking Software Version 9.7.1 - Open Redirect author: 0xAkoko...

6.1CVSS6.4AI score0.02398EPSS
Exploits1References3
Nuclei
Nuclei
•added 13 hours ago•29 views

iboss Secure Web Gateway - Stored Cross-Site Scripting

A cross-site scripting vulnerability has been found in iboss Secure Web Gateway up to version 10.1. The vulnerability affects the /login file of the Login Portal component, where manipulation of the redirectUrl parameter leads to cross-site scripting. The attack can be launched remotely and the...

6.1CVSS5.3AI score0.22002EPSS
Exploits4References5
Nuclei
Nuclei
•added 13 hours ago•59 views

Changedetection.io RSS Single Watch - Cross-Site Scripting

changedetection.io 0.54.1 contains a stored XSS caused by unescaped reflection of UUID path parameter in RSS single-watch endpoint, letting remote attackers execute JavaScript in victim's browser, exploit requires victim to visit crafted URL. id: CVE-2026-27645 info: name: Changedetection.io RSS...

6.1CVSS6.2AI score0.00445EPSS
Exploits1References3
Nuclei
Nuclei
•added 13 hours ago•80 views

Contest Gallery < 13.1.0.6 - SQL injection

The plugin does not have capability checks and does not sanitise or escape the cg-search-user-name-original parameter before using it in a SQL statement when exporting users from a gallery, which could allow unauthenticated to perform SQL injections attacks, as well as get the list of all users...

9.8CVSS7.1AI score0.127EPSS
Exploits2References3
Nuclei
Nuclei
•added 13 hours ago•29 views

DomainMOD 4.11.01 - Cross-Site Scripting

DomainMOD through version 4.11.01 is vulnerable to cross-site scripting via the /assets/add/ssl-provider.php ssl-provider-name and ssl-provider's-url parameters. id: CVE-2018-20009 info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD...

4.8CVSS6.3AI score0.04428EPSS
Exploits6References5
Nuclei
Nuclei
•added 13 hours ago•186 views

Sharp Multifunction Printers - Directory Listing

It was observed that Sharp printers are vulnerable to an arbitrary directory listing without authentication. Any attacker can list any directory located in the printer and recover any file. id: CVE-2024-33605 info: name: Sharp Multifunction Printers - Directory Listing author: gy741 severity: hig...

7.5CVSS7.1AI score0.06226EPSS
Exploits1References3
Nuclei
Nuclei
•added 13 hours ago•51 views

WP-FaceThumb 0.1 - Cross-Site Scripting

A cross-site scripting vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the paginationwpfacethumb parameter. id: CVE-2012-2371 info: name: WP-FaceThumb 0.1 - Cross-Site Scripting author: daffainfo severity:...

4.3CVSS6.2AI score0.12905EPSS
Exploits1References5
Nuclei
Nuclei
•added 13 hours ago•13 views

HP Switch - Authentication Bypass

A potential security vulnerability has been identified in Hewlett Packard Enterprise OfficeConnect 1820, 1850, and 1920S Network switches. The vulnerability could be remotely exploited to allow authentication bypass. HPE has made the following software updates to resolve the vulnerability in...

9.8CVSS6.9AI score0.02641EPSS
Exploits1
Nuclei
Nuclei
•added 13 hours ago•28 views

FasterXML jackson-databind - Deserialization Remote Code Execution

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig aka ibatis-sqlmap. This vulnerability allows attackers to execute arbitrary code through deserialization of...

9.8CVSS7.3AI score0.18671EPSS
Exploits0References3
Nuclei
Nuclei
•added 13 hours ago•20 views

WordPress Frontend File Manager < 4.0 & N-Media Post Frontend < 1.1 - Arbitrary File Upload

The Frontend File Manager plugin 4.0 and N-Media Post Front-end Form plugin 1.1 for WordPress were vulnerable to arbitrary file uploads due to missing file type validation. This allowed unauthenticated attackers to upload arbitrary files and potentially achieve remote code execution. id:...

9.8CVSS6.3AI score0.05515EPSS
Exploits2References5
Nuclei
Nuclei
•added 13 hours ago•82 views

Duplicate Page WordPress - Stored Cross-Site Scripting

Duplicate Page WordPress plugin = 4.4.2 contains a stored cross-site scripting caused by unsanitized Duplicate Post Suffix settings in output, letting high privilege users execute malicious scripts, exploit requires high privilege user role. id: CVE-2021-24681 info: name: Duplicate Page WordPress...

4.8CVSS6.1AI score0.0087EPSS
Exploits2References3
Nuclei
Nuclei
•added 13 hours ago•22 views

Docusaurus Gists Plugin < 4.0.0 - GitHub Personal Access Token Exposure

The Docusaurus gists plugin adds a page to your Docusaurus instance, displaying all public gists of a GitHub user. docusaurus-plugin-content-gists versions prior to 4.0.0 are vulnerable to exposing GitHub Personal Access Tokens in production build artifacts when passed through plugin configuratio...

10CVSS6.1AI score0.01842EPSS
Exploits0References3
Nuclei
Nuclei
•added 13 hours ago•37 views

ECT Home Page Products - Reflected XSS

ECT Home Page Products WordPress plugin through 1.9 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute malicious scripts in the context of high privilege users such as admin, exploit...

6.1CVSS7AI score0.00577EPSS
Exploits1References1
Nuclei
Nuclei
•added 13 hours ago•113 views

WordPress WPQA <5.5 - Improper Access Control

WordPress WPQA plugin before 5.5 is susceptible to improper access control. The plugin lacks authentication in a REST API endpoint. An attacker can potentially discover private questions sent between users on the site. id: CVE-2022-1598 info: name: WordPress WPQA 5.5 - Improper Access Control...

5.3CVSS6.2AI score0.05076EPSS
Exploits2References5
Nuclei
Nuclei
•added 13 hours ago•60 views

ECOA Building Automation System - Arbitrary File Retrieval

The ECOA BAS controller suffers from an arbitrary file disclosure vulnerability. Using the 'fname' POST parameter in viewlog.jsp, attackers can disclose arbitrary files on the affected device and disclose sensitive and system information. id: CVE-2021-41293 info: name: ECOA Building Automation...

7.5CVSS7AI score0.20084EPSS
Exploits1References5
Nuclei
Nuclei
•added 13 hours ago•162 views

UpdraftPlus < 1.22.9 - Cross-Site Scripting

The plugin does not sanitise and escape the updraftinterval parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting XSS vulnerability. id: CVE-2022-0864 info: name: UpdraftPlus 1.22.9 - Cross-Site Scripting author: DhiyaneshDk severity: medium description...

6.1CVSS6.4AI score0.07355EPSS
Exploits4References4
Nuclei
Nuclei
•added 13 hours ago•72 views

Wipro Holmes Orchestrator 20.4.1 - Arbitrary File Download

The File Download API in Wipro Holmes Orchestrator 20.4.1 20.4.102112020 allows remote attackers to read arbitrary files via absolute path traversal in the SearchString JSON field in /home/download POST data. id: CVE-2021-38146 info: name: Wipro Holmes Orchestrator 20.4.1 - Arbitrary File Downloa...

7.5CVSS7.1AI score0.11733EPSS
Exploits3References4
Nuclei
Nuclei
•added 13 hours ago•122 views

NeDi 1.9C - Cross-Site Scripting

NeDi 1.9C is vulnerable to cross-site scripting because of an incorrect implementation of sanitize in inc/libmisc.php. This function attempts to escape the SCRIPT tag from user-controllable values, but can be easily bypassed, as demonstrated by an onerror attribute of an IMG element as a...

6.1CVSS6.3AI score0.03442EPSS
Exploits0References4
Nuclei
Nuclei
•added 13 hours ago•139 views

Joomla! Component Visites 1.1 - MosConfig_absolute_path Remote File Inclusion

A PHP remote file inclusion vulnerability in core/include/myMailer.class.php in the Visites comjoomla-visites component 1.1 RC2 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter. id: CVE-2010-2918 info: name: Joomla! Component Visit...

7.5CVSS6.3AI score0.13704EPSS
Exploits1References5
Nuclei
Nuclei
•added 13 hours ago•7 views

LeadConnector < 3.0.22 - Unauthenticated Arbitrary Data Write

LeadConnector WordPress plugin 3.0.22 contains a broken access control caused by missing authorization in a REST route, letting unauthenticated attackers overwrite existing data remotely, exploit requires no authentication. id: CVE-2026-1890 info: name: LeadConnector 3.0.22 - Unauthenticated...

5.3CVSS6.1AI score0.00645EPSS
Exploits0References2
Nuclei
Nuclei
•added 13 hours ago•1419 views

Microsoft FrontPage Extensions - Information Disclosure

Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /vtibin/ virtual directory. id: CVE-2000-0114 info: name: Microsoft FrontPage Extensions - Information Disclosure author: r3naissance,matejsmycka severity...

5CVSS6.1AI score0.47595EPSS
Exploits1References3
Nuclei
Nuclei
•added 13 hours ago•48 views

AvantFAX 3.3.3 - Cross-Site Scripting

AvantFAX 3.3.3 contains a cross-site scripting vulnerability via an arbitrary parameter name submitted to the default URL, as demonstrated by a parameter whose name contains a SCRIPT element and whose value is 1. id: CVE-2017-18024 info: name: AvantFAX 3.3.3 - Cross-Site Scripting author: pikpikc...

6.1CVSS6.4AI score0.04531EPSS
Exploits2References5
Nuclei
Nuclei
•added 13 hours ago•20 views

ListingPro < 2.6.1 - Sensitive Data Disclosure

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Sensitive Data Exposure in versions before 2.6.1 via the /listingpro-plugin/functions.php file. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, full names, email...

5.3CVSS6.2AI score0.01608EPSS
Exploits1References2
Nuclei
Nuclei
•added 13 hours ago•62 views

MindPalette NateMail 3.0.15 - Cross-Site Scripting

MindPalette NateMail 3.0.15 is susceptible to reflected cross-site scripting which could allows an attacker to execute remote JavaScript in a victim's browser via a specially crafted POST request. The application will reflect the recipient value if it is not in the NateMail recipient array. Note...

6.1CVSS6.5AI score0.03862EPSS
Exploits1References5
Total number of security vulnerabilities4143