Lucene search
K
NucleiMost viewed

4139 matches found

Nuclei
Nuclei
added 12 hours ago110 views

Smart S210 Management Platform - Arbitary File Upload

A vulnerability has been found in Byzoro Smart S210 Management Platform up to 20240117 and classified as critical. This vulnerability affects unknown code of the file /Tool/uploadfile.php. The manipulation of the argument fileupload leads to unrestricted upload. id: CVE-2024-0939 info: name: Smar...

9.8CVSS6.5AI score0.43777EPSS
Exploits1References5
Nuclei
Nuclei
added 12 hours ago110 views

Gradio Hugging Face - Local File Inclusion

Gradio LFI when auth is not enabled, affects versions 4.0 - 4.10, also works against Gradio 3.33 id: CVE-2023-51449 info: name: Gradio Hugging Face - Local File Inclusion author: nvn1729 severity: high description: | Gradio LFI when auth is not enabled, affects versions 4.0 - 4.10, also works...

7.5CVSS7AI score0.0228EPSS
Exploits0References3
Nuclei
Nuclei
added 12 hours ago110 views

TurboMeeting - Boolean-based SQL Injection

A Boolean-based SQL injection vulnerability in the "RHUB TurboMeeting" web application. This vulnerability could allow an attacker to execute arbitrary SQL commands on the database server, potentially allowing them to access sensitive data or compromise the server. id: CVE-2024-38289 info: name:...

9.8CVSS6.3AI score0.40874EPSS
Exploits1References1
Nuclei
Nuclei
added 12 hours ago110 views

CommScope Ruckus IoT Controller - Information Disclosure

CommScope Ruckus IoT Controller is susceptible to information disclosure vulnerabilities because a 'service details' API endpoint discloses system and configuration information to an attacker without requiring authentication. This information includes DNS and NTP servers that the devices use for...

9.8CVSS7AI score0.5699EPSS
Exploits3References5
Nuclei
Nuclei
added yesterday110 views

Apache Airflow OS Command Injection

Apache Airflow prior to version 2.2.4 is vulnerable to OS command injection attacks because some example DAGs do not properly sanitize user-provided parameters, making them susceptible to OS Command Injection from the web UI. id: CVE-2022-24288 info: name: Apache Airflow OS Command Injection...

8.8CVSS7AI score0.7788EPSS
Exploits0References5
Nuclei
Nuclei
added 2 days ago110 views

BillQuick Web Suite SQL Injection

BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated remote code execution. Successful exploitation can include the ability to execute arbitrary code as MSSQLSERVER$ via xpcmdshell. id: CVE-2021-42258 info: name: BillQuick Web Suite SQL Injection...

9.8CVSS8AI score0.73269EPSS
Exploits3References5
Nuclei
Nuclei
added 5 days ago110 views

QNAP QTS and Photo Station 6.0.3 - Remote Command Execution

This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. To fix these vulnerabilities, QNAP recommend updating Photo Station to their latest versions. id: CVE-2019-7192 info: name: QNAP QTS and Photo Station 6.0.3 - Remote Command Execution...

9.8CVSS6.8AI score0.88213EPSS
Exploits12References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.110 views

rConfig 3.9.2 - Remote Code Execution

rConfig 3.9.2 is susceptible to a remote code execution vulnerability. An attacker can directly execute system commands by sending a GET request to ajaxServerSettingsChk.php because the rootUname parameter is passed to the exec function without filtering, which can lead to command execution. id:...

10CVSS9.6AI score0.97702EPSS
Exploits11References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.110 views

Artica Web Proxy 4.30 - Authentication Bypass/SQL Injection

Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php. id: CVE-2020-17506 info: name: Artica Web Proxy 4.30 - Authentication Bypass/SQL Injection author:...

9.8CVSS8.7AI score0.93967EPSS
Exploits7References5
Nuclei
Nuclei
added 12 hours ago109 views

The Code Snippets WordPress Plugin < 2.14.3 - Cross-Site Scripting

The Wordpress plugin Code Snippets before 2.14.3 does not escape the snippets-safe-mode parameter before reflecting it in attributes, leading to a reflected cross-site scripting issue. id: CVE-2021-25008 info: name: The Code Snippets WordPress Plugin 2.14.3 - Cross-Site Scripting author: cckuailo...

6.1CVSS6.4AI score0.02258EPSS
Exploits2References4
Nuclei
Nuclei
added 12 hours ago109 views

Advantech R-SeeNet 2.4.12 - Cross-Site Scripting

Advantech R-SeeNet 2.4.12 contains a reflected cross-site scripting vulnerability in the sshform.php script functionality. id: CVE-2021-21800 info: name: Advantech R-SeeNet 2.4.12 - Cross-Site Scripting author: arafatansari severity: medium description: | Advantech R-SeeNet 2.4.12 contains a...

9.6CVSS6.7AI score0.14115EPSS
Exploits1References5
Nuclei
Nuclei
added 12 hours ago109 views

Atlassian Jira WallboardServlet <7.13.1 - Cross-Site Scripting

The WallboardServlet resource in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting vulnerability in the cyclePeriod parameter. id: CVE-2018-20824 info: name: Atlassian Jira WallboardServlet 7.13.1 - Cross-Site Scripting author:...

6.1CVSS6.5AI score0.37577EPSS
Exploits0References5
Nuclei
Nuclei
added 12 hours ago109 views

ReQlogic v11.3 - Cross Site Scripting

ReQlogic v11.3 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the POBatch and WaitDuration parameters. id: CVE-2022-41441 info: name: ReQlogic v11.3 - Cross Site Scripting author: r3Y3r53 severity: medium description: | ReQlogic v11.3 allow attackers ...

6.1CVSS6.6AI score0.05187EPSS
Exploits3References5
Nuclei
Nuclei
added 12 hours ago109 views

vBulletin <= 5.6.9 - Pre-authentication Remote Code Execution

vBulletin before 5.6.9 PL1 allows an unauthenticated remote attacker to execute arbitrary code via a crafted HTTP request that triggers deserialization. This occurs because verifyserialized checks that a value is serialized by calling unserialize and then checking for errors. id: CVE-2023-25135...

9.8CVSS7.3AI score0.23926EPSS
Exploits1References5
Nuclei
Nuclei
added 12 hours ago109 views

Redash Setup Configuration - Default Secrets Disclosure

Redash Setup Configuration is vulnerable to default secrets disclosure Insecure Default Initialization of Resource. If an admin sets up Redash versions =10.0 and prior without explicitly specifying the REDASHCOOKIESECRET or REDASHSECRETKEY environment variables, a default value is used for both...

8.1CVSS6.6AI score0.08017EPSS
Exploits1References5
Nuclei
Nuclei
added 12 hours ago109 views

Gradio 4.3-4.12 - Local File Read

Local file read by calling arbitrary methods of Components class between Gradio versions 4.3-4.12 id: CVE-2024-1561 info: name: Gradio 4.3-4.12 - Local File Read author: nvn1729,Diablo severity: high description: | Local file read by calling arbitrary methods of Components class between Gradio...

7.5CVSS7AI score0.09239EPSS
Exploits4References6
Nuclei
Nuclei
added 12 hours ago109 views

NagiosXI <= 5.4.12 `commandline.php` SQL injection

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/commandline.php cname parameter. id: CVE-2018-10735 info: name: NagiosXI = 5.4.12 commandline.php SQL injection author: DhiyaneshDk severity: high description: | A SQL injection issue was discovered in Nagios XI before...

7.2CVSS7AI score0.42556EPSS
Exploits2References2
Nuclei
Nuclei
added 12 hours ago109 views

Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting

ZyXEL ZyWALL 2 Plus Internet Security Appliance contains a cross-site scripting vulnerability. Insecure URI handling leads to bypass of security restrictions, which allows an attacker to execute arbitrary JavaScript codes to perform multiple attacks. id: CVE-2021-46387 info: name: Zyxel ZyWALL 2...

6.1CVSS6.5AI score0.21028EPSS
Exploits4References5
Nuclei
Nuclei
added 12 hours ago109 views

Copyparty <= 1.8.2 - Directory Traversal

Copyparty is a portable file server. Versions prior to 1.8.2 are subject to a path traversal vulnerability detected in the .cpr subfolder. The Path Traversal attack technique allows an attacker access to files, directories, and commands that reside outside the web document root directory. This...

7.5CVSS6.9AI score0.42828EPSS
Exploits4References5
Nuclei
Nuclei
added 12 hours ago109 views

Hongdian H8922 3.0.5 Devices - Local File Inclusion

Hongdian H8922 3.0.5 devices are vulnerable to local file inclusion. The /logdownload.cgi log export handler does not validate user input and allows a remote attacker with minimal privileges to download any file from the device by substituting ../ e.g., ../../etc/passwd This can be carried out wi...

6.5CVSS6.8AI score0.13751EPSS
Exploits1References5
Nuclei
Nuclei
added 12 hours ago109 views

VoipMonitor <24.61 - Remote Code Execution

VoipMonitor prior to 24.61 is susceptible to remote code execution vulnerabilities because of its use of user supplied data via its web interface, allowing remote unauthenticated users to trigger a remote PHP code execution vulnerability. id: CVE-2021-30461 info: name: VoipMonitor 24.61 - Remote...

9.8CVSS7.4AI score0.36632EPSS
Exploits5References5
Nuclei
Nuclei
added 12 hours ago109 views

FUDForum 3.1.0 - Cross-Site Scripting

FUDForum 3.1.0 contains a cross-site scripting vulnerability. An attacker can inject JavaScript via index.php in the author parameter, thereby possibly stealing cookie-based authentication credentials and launching other attacks. id: CVE-2021-27520 info: name: FUDForum 3.1.0 - Cross-Site Scriptin...

6.1CVSS6.4AI score0.06396EPSS
Exploits4References5
Nuclei
Nuclei
added yesterday109 views

Ultimate Member < 2.6.7 - Unauthenticated Privilege Escalation

The plugin does not prevent visitors from creating user accounts with arbitrary capabilities, effectively allowing attackers to create administrator accounts at will. This is actively being exploited in the wild. id: CVE-2023-3460 info: name: Ultimate Member 2.6.7 - Unauthenticated Privilege...

9.8CVSS7.2AI score0.72306EPSS
Exploits12References5
Nuclei
Nuclei
added 5 days ago109 views

Fortinet - Authentication Bypass

Fortinet FortiOS is vulnerable to an information disclosure via service-worker.js that could allow an attacker to access sensitive information.This vulnerability affects FortiOS and could potentially lead to unauthorized access to the system. id: CVE-2024-55591 info: name: Fortinet - Authenticati...

9.8CVSS7.3AI score0.98259EPSS
Exploits9References2
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.109 views

Apache Flink - Local File Inclusion

Apache Flink 1.11.0 and released in 1.11.1 and 1.11.2 as well allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process aka local file inclusion. id: CVE-2020-17519 info: name: Apache Flink - Local File Inclusion author: pdtea...

9.1CVSS7.5AI score0.97856EPSS
Exploits14References5
Nuclei
Nuclei
added 12 hours ago108 views

WordPress Kaswara Modern VC Addons <=3.0.1 - Arbitrary File Upload

WordPress Kaswara Modern VC Addons plugin through 3.0.1 is susceptible to an arbitrary file upload. The plugin allows unauthenticated arbitrary file upload via the uploadFontIcon AJAX action, which can be used to obtain code execution. The supplied zipfile is unzipped in the...

9.8CVSS7.2AI score0.4214EPSS
Exploits3References6
Nuclei
Nuclei
added 12 hours ago108 views

Advanced Comment System 1.0 - Local File Inclusion

ACS Advanced Comment System 1.0 is affected by local file inclusion via an advancedcomponentsystem/index.php?ACSpath=..%2f URI. id: CVE-2020-35598 info: name: Advanced Comment System 1.0 - Local File Inclusion author: daffainfo severity: high description: ACS Advanced Comment System 1.0 is affect...

7.5CVSS7AI score0.21EPSS
Exploits2References5
Nuclei
Nuclei
added 12 hours ago108 views

LISTSERV 17 - Cross-Site Scripting

LISTSERV 17 web interface contains a cross-site scripting vulnerability. An attacker can inject arbitrary JavaScript or HTML via the "c" parameter, thereby possibly allowing the attacker to steal cookie-based authentication credentials and launch other attacks. id: CVE-2022-39195 info: name:...

6.1CVSS6.5AI score0.06314EPSS
Exploits4References5
Nuclei
Nuclei
added 12 hours ago108 views

Atom CMS v2.0 - SQL Injection

AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php. id: CVE-2022-24223 info: name: Atom CMS v2.0 - SQL Injection author: theamanrawat severity: critical description: | AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php...

9.8CVSS7.1AI score0.61965EPSS
Exploits4References5
Nuclei
Nuclei
added 12 hours ago108 views

MeterSphere < 2.5.0 SSRF

MeterSphere is a one-stop open source continuous testing platform, covering test management, interface testing, UI testing and performance testing. Versions prior to 2.5.0 are subject to a Server-Side Request Forgery that leads to Cross-Site Scripting. A Server-Side request forgery in...

7.2CVSS6.3AI score0.01607EPSS
Exploits1References4
Nuclei
Nuclei
added 12 hours ago108 views

ZZZCMS zzzphp 2.1.0 - Remote Code Execution

ZZZCMS zzzphp v2.1.0 is susceptible to a remote command execution vulnerability via dangerkey at zzztemplate.php. id: CVE-2022-23881 info: name: ZZZCMS zzzphp 2.1.0 - Remote Code Execution author: pikpikcu severity: critical description: ZZZCMS zzzphp v2.1.0 is susceptible to a remote command...

9.8CVSS7.2AI score0.56509EPSS
Exploits1References5
Nuclei
Nuclei
added 12 hours ago108 views

WordPress Duplicator <1.4.7 - Authentication Bypass

WordPress Duplicator plugin before 1.4.7 is susceptible to authentication bypass. The plugin discloses the URL of the backup to unauthenticated visitors accessing the main installer endpoint. If the installer script has been run once by an administrator, this allows download of the full site back...

7.5CVSS6.8AI score0.12485EPSS
Exploits5References5
Nuclei
Nuclei
added 12 hours ago108 views

TimeKeeper by FSMLabs - Remote Code Execution

An issue was discovered in FSMLabs TimeKeeper 8.0.17 through 8.0.28. By intercepting requests from various timekeeper streams, it is possible to find the getsamplebacklog call. Some query parameters are passed directly in the URL and named argx, with x an integer starting from 1; it is possible t...

9.8CVSS7.1AI score0.44455EPSS
Exploits1References3
Nuclei
Nuclei
added 12 hours ago108 views

WBCE CMS 1.5.2 - Cross-Site Scripting

WBCE CMS 1.5.2 contains a stored cross-site scripting vulnerability via \admin\user\save.php Display Name parameters. id: CVE-2022-30073 info: name: WBCE CMS 1.5.2 - Cross-Site Scripting author: arafatansari severity: medium description: | WBCE CMS 1.5.2 contains a stored cross-site scripting...

5.4CVSS6.2AI score0.01573EPSS
Exploits1References4
Nuclei
Nuclei
added 12 hours ago108 views

D-Link DIR-3040 1.13B03 - Information Disclosure

D-Link DIR-3040 1.13B03 is susceptible to information disclosure in the Syslog functionality. A specially crafted HTTP network request can lead to the disclosure of sensitive information. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute...

6.5CVSS6.7AI score0.36486EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday108 views

WordPress RegistrationMagic <5.0.1.6 - Authenticated SQL Injection

WordPress RegistrationMagic plugin before 5.0.1.6 contains an authenticated SQL injection vulnerability. The plugin does not escape user input in its rmchronosajax AJAX action before using it in a SQL statement when duplicating tasks in batches. An attacker can possibly obtain sensitive...

7.2CVSS7.1AI score0.73293EPSS
Exploits6References5
Nuclei
Nuclei
added yesterday108 views

IBM Operational Decision Manager - JNDI Injection

IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 279145. id: CVE-2024-22319 info: name: IBM Operational Decision Manager -...

9.8CVSS7.4AI score0.764EPSS
Exploits0
Nuclei
Nuclei
added 2026/06/26 6:13 p.m.108 views

Worpress Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution

The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file. This is due to an attacker being able to control the values passed to an include, and subsequently leverage that to achieve remote...

9.8CVSS7.8AI score0.97846EPSS
Exploits14References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.108 views

Adobe ColdFusion - Arbitrary File Read

ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to sensitive files and perform arbitrary...

7.4CVSS8AI score0.98514EPSS
Exploits7References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.108 views

Adobe ColdFusion - Pre-Auth Remote Code Execution

Adobe ColdFusion versions 2018u16 and earlier, 2021u6 and earlier and 2023.0.0.330468 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction. id: CVE-2023-29300 info:...

9.8CVSS8.9AI score0.99984EPSS
Exploits0References5
Nuclei
Nuclei
added 12 hours ago107 views

SolarView Compact < 6.00 - Directory Traversal

SolarView Compact before version 6.00 is vulnerable to directory traversal via the file parameter in downloader.php. An unauthenticated attacker can read arbitrary files from the system by using path traversal sequences with a null byte bypass to access sensitive files such as /etc/passwd. id:...

7.5CVSS7AI score0.02885EPSS
Exploits1References2
Nuclei
Nuclei
added 12 hours ago107 views

MinIO Browser API - Server-Side Request Forgery

MinIO Browser API before version RELEASE.2021-01-30T00-20-58Z contains a server-side request forgery vulnerability. id: CVE-2021-21287 info: name: MinIO Browser API - Server-Side Request Forgery author: pikpikcu severity: high description: MinIO Browser API before version...

7.7CVSS7AI score0.24784EPSS
Exploits0References5
Nuclei
Nuclei
added 12 hours ago107 views

WordPress IWS Geo Form Fields <=1.0 - SQL Injection

WordPress IWS Geo Form Fields plugin through 1.0 contains a SQL injection vulnerability. The plugin does not properly escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users. An attacker can possibly obtain sensitive information, modify data,...

9.8CVSS7.1AI score0.04955EPSS
Exploits1References5
Nuclei
Nuclei
added 12 hours ago107 views

OpenCATS 0.9.6 - Cross-Site Scripting

OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the email parameter in the Check Email function. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication...

6.1CVSS6.5AI score0.01333EPSS
Exploits1References5
Nuclei
Nuclei
added 12 hours ago107 views

Adobe ColdFusion - Cross-Site Scripting

Adobe Coldfusion versions 2016 update 16 and earlier, 2018 update 10 and earlier and 2021.0.0.323925 are affected by an Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability. An attacker could abuse this vulnerability to execute arbitrary JavaScript code...

5.4CVSS6.7AI score0.37095EPSS
Exploits0References5
Nuclei
Nuclei
added 12 hours ago107 views

MooSocial 3.1.8 - Cross-Site Scripting

A reflected cross-site scripting XSS vulnerability exisits in the dataredirecturl parameter on user login function of mooSocial v3.1.8 which allows attackers to steal user's session cookies and impersonate their account via a crafted URL. id: CVE-2023-43325 info: name: MooSocial 3.1.8 - Cross-Sit...

6.1CVSS6.4AI score0.01857EPSS
Exploits4References5
Nuclei
Nuclei
added 12 hours ago107 views

PHPJabbers Shuttle Booking Software 1.0 - Cross Site Scripting

The attacker can send to victim a link containing a malicious URL in an email or instant message can perform a wide variety of actions, such as stealing the victim's session token or login credentials. id: CVE-2023-4112 info: name: PHPJabbers Shuttle Booking Software 1.0 - Cross Site Scripting...

6.1CVSS6.1AI score0.05177EPSS
Exploits4References5
Nuclei
Nuclei
added 12 hours ago107 views

Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=deleteinquiry. id: CVE-2022-31978 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: critical description: | Online Fire Reporting System v1.0 is vulnerable to...

9.8CVSS7.1AI score0.0716EPSS
Exploits1References3
Nuclei
Nuclei
added 12 hours ago107 views

Acexy Wireless-N WiFi Repeater REV 1.0 - Repeater Password Disclosure

Acexy Wireless-N WiFi Repeater REV 1.0 is vulnerable to password disclosure because the password.html page of the web management interface contains the administrator account password in plaintext. id: CVE-2021-28937 info: name: Acexy Wireless-N WiFi Repeater REV 1.0 - Repeater Password Disclosure...

7.5CVSS7AI score0.04121EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday107 views

Advanced Custom Fields < 6.1.6 - Cross-Site Scripting

Advanced Custom Fields beofre 6.1.6 is susceptible to cross-site scripting via the poststatus parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow th...

7.1CVSS6.8AI score0.38768EPSS
Exploits3References5
Total number of security vulnerabilities4139