Lucene search
K
NucleiMost viewed

4137 matches found

Nuclei
Nuclei
•added 2026/06/18 12:11 p.m.•267 views

Apache HugeGraph-Server - Remote Command Execution

Apache HugeGraph-Server is an open-source graph database that provides a scalable and high-performance solution for managing and analyzing large-scale graph data. It is commonly used in Java8 and Java11 environments. However, versions prior to 1.3.0 are vulnerable to a remote command execution RC...

9.8CVSS9AI score0.9921EPSS
Exploits11References6
Nuclei
Nuclei
•added yesterday•266 views

Keycloak 10.0.0 - 18.0.0 - Cross-Site Scripting

Keycloak 10.0.0 to 18.0.0 contains a cross-site scripting vulnerability via the client-registrations endpoint. On a POST request, the application does not sanitize an unknown attribute name before including it in the error response with a 'Content-Type' of text/hml. Once reflected, the response i...

6.1CVSS6.6AI score0.37246EPSS
Exploits3References6
Nuclei
Nuclei
•added yesterday•264 views

Node.js Embedded JavaScript 3.1.6 - Template Injection

Node.js Embedded JavaScript 3.1.6 is susceptible to server-side template injection via settingsview optionsoutputFunctionName, which is parsed as an internal option and overwrites the outputFunctionName option with an arbitrary OS command, which is then executed upon template compilation. id:...

9.8CVSS6.8AI score0.32386EPSS
Exploits5References5
Nuclei
Nuclei
•added yesterday•263 views

ZoneMinder Snapshots - Command Injection

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras.Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the...

9.8CVSS7.1AI score0.80462EPSS
Exploits11References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•261 views

CraftCMS < 4.4.15 - Unauthenticated Remote Code Execution

Craft CMS is a platform for creating digital experiences. This is a high-impact, low-complexity attack vector leading to Remote Code Execution RCE. Users running Craft installations before 4.4.15 are encouraged to update to at least that version to mitigate the issue. This issue has been fixed in...

10CVSS8.4AI score0.92918EPSS
Exploits10References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•261 views

Adobe Commerce & Magento - CosmicSting

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference 'XXE' vulnerability that could result in arbitrary code execution. id: CVE-2024-34102 info: name: Adobe Commerce & Magento - CosmicSting author:...

9.8CVSS9AI score0.99994EPSS
Exploits26References2
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•260 views

Oracle WebLogic Server - Remote Command Execution

The Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Web Services allows unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic Server. Versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. id: CVE-2019-2725 info: name: Oracle WebLogic...

9.8CVSS7.9AI score0.99964EPSS
Exploits35References5
Nuclei
Nuclei
•added yesterday•259 views

OpenMetadata - Authentication Bypass

OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The JwtFilter handles the API authentication by requiring and verifying JWT tokens. When a new request comes in, the request...

9.8CVSS7.4AI score0.73255EPSS
Exploits5References5
Nuclei
Nuclei
•added yesterday•259 views

Ivanti Connect Secure - XXE

Ivanti Connect Secure is vulnerable to XXE XML External Entity injection. id: CVE-2024-22024 info: name: Ivanti Connect Secure - XXE author: watchTowr severity: high description: | Ivanti Connect Secure is vulnerable to XXE XML External Entity injection. impact: | Successful exploitation of this...

8.3CVSS7.3AI score0.94721EPSS
Exploits1References2
Nuclei
Nuclei
•added 5 days ago•254 views

JetBrains TeamCity > 2023.11.3 - Authentication Bypass

In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible id: CVE-2024-23917 info: name: JetBrains TeamCity 2023.11.3 - Authentication Bypass author: iamnoooob,rootxharsh,pdresearch severity: critical description: | In JetBrains TeamCity before 2023.11.3...

9.8CVSS7.4AI score0.5373EPSS
Exploits0References2
Nuclei
Nuclei
•added 5 days ago•253 views

ZZZCMS 1.6.1 - Remote Code Execution

ZZZCMS zzzphp V1.6.1 is vulnerable to remote code execution via the inc/zzztemplate.php file because the parserIfLabel function's filtering is not strict, resulting in PHP code execution as demonstrated by the if:assert substring. id: CVE-2019-9041 info: name: ZZZCMS 1.6.1 - Remote Code Execution...

7.2CVSS7.7AI score0.31421EPSS
Exploits8References5
Nuclei
Nuclei
•added last week•252 views

Primetek Primefaces 5.x - Remote Code Execution

Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution. id: CVE-2017-1000486 info: name: Primetek Primefaces 5.x - Remote Code Execution author: Moritz Nentwig severity: critical description: Primetek Primefaces 5.x is vulnerable to a weak encryption fl...

9.8CVSS7.8AI score0.94104EPSS
Exploits6References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•249 views

Oracle GlassFish Server Open Source Edition 4.1 - Local File Inclusion

Oracle GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated local file inclusion vulnerabilities that can be exploited by issuing specially crafted HTTP GET requests. id: CVE-2017-1000028 info: name: Oracle GlassFish Server Open Source Edition 4.1 - Loc...

7.5CVSS7.4AI score0.99479EPSS
Exploits7References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•248 views

Apache OFBiz < 18.12.10 - Arbitrary Code Execution

Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10. id: CVE-2023-49070 info: name: Apache OFBiz 18.12.10 - Arbitrary Code Execution author: your3cho severity: critical description: | Pre-auth RCE in Apach...

9.8CVSS8.7AI score0.95442EPSS
Exploits11References5
Nuclei
Nuclei
•added 2026/02/04 7:0 a.m.•248 views

LG NAS Devices - Remote Code Execution

LG NAS devices contain a pre-auth remote command injection via the "password" parameter. id: CVE-2018-10818 info: name: LG NAS Devices - Remote Code Execution author: gy741 severity: critical description: LG NAS devices contain a pre-auth remote command injection via the "password" parameter...

9.8CVSS9.5AI score0.89354EPSS
Exploits1References3
Nuclei
Nuclei
•added yesterday•247 views

Microsoft SharePoint - Authentication Bypass

Microsoft SharePoint Server Elevation of Privilege Vulnerability id: CVE-2023-29357 info: name: Microsoft SharePoint - Authentication Bypass author: pdteam severity: critical description: | Microsoft SharePoint Server Elevation of Privilege Vulnerability impact: | Unauthenticated attackers can...

9.8CVSS7.3AI score0.99649EPSS
Exploits10References5
Nuclei
Nuclei
•added yesterday•243 views

Mlflow <2.9.2 - Path Traversal

Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. id: CVE-2023-6909 info: name: Mlflow 2.9.2 - Path Traversal author: Hyunsoo-ds severity: high description: | Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. impact: | Successful...

7.5CVSS7AI score0.89716EPSS
Exploits1References3
Nuclei
Nuclei
•added yesterday•243 views

Wordpress Email Subscribers by Icegram Express - SQL Injection

The Email Subscribers by Icegram Express - Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'run' function of the 'IGESSubscribersQuery' class in all versions up to, and including, 5.7.14 due to insufficient escaping ...

9.8CVSS7.4AI score0.80596EPSS
Exploits4References2
Nuclei
Nuclei
•added yesterday•243 views

WordPress File Upload <= 4.24.11 - Arbitrary File Read

The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.11 via wfufiledownloader.php. This makes it possible for unauthenticated attackers to read or delete files outside of the originally intended directory. Successful exploitatio...

9.8CVSS7.3AI score0.92319EPSS
Exploits4References7
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•243 views

ManageEngine Desktop Central Java Deserialization

Zoho ManageEngine Desktop Central before 10.0.474 is vulnerable to a deserialization of untrusted data, which permits remote code execution. id: CVE-2020-10189 info: name: ManageEngine Desktop Central Java Deserialization author: king-alexander severity: critical description: | Zoho ManageEngine...

10CVSS9.2AI score0.99941EPSS
Exploits6References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•243 views

Confluence Server - Remote Code Execution

Confluence Server and Data Center contain an OGNL injection vulnerability that could allow an authenticated user, and in some instances an unauthenticated user, to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version...

9.8CVSS8.5AI score0.99999EPSS
Exploits45References5
Nuclei
Nuclei
•added yesterday•242 views

Oracle WebLogic Server - Remote Code Execution

The Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS - Web Services is susceptible to a remote code execution vulnerability that is easily exploitable and could allow unauthenticated attackers with network access via HTTP to compromise the server. Supported versions...

9.8CVSS7.8AI score0.50224EPSS
Exploits7References5
Nuclei
Nuclei
•added yesterday•242 views

Responsive FileManager <9.13.4 - Local File Inclusion

Responsive FileManager before version 9.13.4 is vulnerable to local file inclusion via filemanager/ajaxcalls.php because it uses external input to construct a pathname that should be within a restricted directory, aka local file inclusion. id: CVE-2018-15535 info: name: Responsive FileManager...

7.5CVSS6.7AI score0.45242EPSS
Exploits5References5
Nuclei
Nuclei
•added yesterday•242 views

Roxy Fileman 1.4.5 - Unrestricted File Upload

Roxy Fileman 1.4.5 is susceptible to unrestricted file upload via upload.php. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. id: CVE-2018-20526 info: name: Roxy Fileman 1.4.5 -...

9.8CVSS7.2AI score0.73056EPSS
Exploits4References5
Nuclei
Nuclei
•added yesterday•242 views

XWiki Platform - Remote Code Execution

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Improper escaping in the document SkinsCode.XWikiSkinsSheet leads to an injection vector from view right on that document to programming rights, or in other words, it is possible to execute...

9.9CVSS7.9AI score0.91346EPSS
Exploits1References4
Nuclei
Nuclei
•added yesterday•242 views

Jboss Application Server - Remote Code Execution

Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2 is susceptible to a remote code execution vulnerability because the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization, thus allowing a...

9.8CVSS8.2AI score0.90713EPSS
Exploits14References5
Nuclei
Nuclei
•added 2026/06/28 3:8 p.m.•242 views

Skype for Business 2019 (SfB) - Blind Server-side Request Forgery

Skype Pre-Auth Server-side Request Forgery SSRF vulnerability id: CVE-2023-41763 info: name: Skype for Business 2019 SfB - Blind Server-side Request Forgery author: hateshape severity: medium description: | Skype Pre-Auth Server-side Request Forgery SSRF vulnerability impact: | Unauthenticated...

5.3CVSS7AI score0.90353EPSS
Exploits0References5
Nuclei
Nuclei
•added yesterday•240 views

Splunk Enterprise - Local File Inclusion

In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on the /modules/messaging/ endpoint in Splunk Enterprise on Windows. This vulnerability should only affect Splunk Enterprise on Windows. id: CVE-2024-36991 info: name: Splunk...

7.5CVSS7.1AI score0.1311EPSS
Exploits10References3
Nuclei
Nuclei
•added yesterday•238 views

WordPress Plugin LayerSlider 7.9.11-7.10.0 - SQL Injection

The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the lsgetpopupmarkup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated...

9.8CVSS7.3AI score0.18402EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•237 views

PAN-OS - Reflected Cross-Site Scripting

A reflected cross-site scripting XSS vulnerability in the GlobalProtect™ gateway and portal features of Palo Alto Networks PAN-OS® software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user's browser when they click on a specially crafted link.The...

6.9CVSS6.7AI score0.44444EPSS
Exploits8References2
Nuclei
Nuclei
•added yesterday•237 views

Argo CD Unauthenticated Access to sensitive setting

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The vulnerability allows unauthorized access to the sensitive settings exposed by /api/v1/settings endpoint without authentication. All sensitive settings are hidden except passwordPattern. id: CVE-2024-37152 info: name: Ar...

7.5CVSS6.5AI score0.02348EPSS
Exploits0References2
Nuclei
Nuclei
•added yesterday•236 views

NotificationX <= 2.8.2 - SQL Injection

The NotificationX - Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor plugin for WordPress is vulnerable to SQL Injection via the 'type' parameter in all versions up to, and including, 2.8.2 due to insufficient escaping on the user supplied parameter and la...

9.8CVSS7.2AI score0.77585EPSS
Exploits3References5
Nuclei
Nuclei
•added yesterday•235 views

Oracle iPlanet Web Server 7.0.x - Authentication Bypass

Oracle iPlanet Web Server 7.0.x has incorrect access control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read access to encryption keys. NOTE a related support policy can be found in the www.oracle.com references attached to this CVE. id:...

7.5CVSS6.5AI score0.81814EPSS
Exploits0
Nuclei
Nuclei
•added yesterday•235 views

GitLab CE/EE - Remote Code Execution

GitLab CE/EE 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 is susceptible to remote code execution. An authenticated user authorized to import projects can import a maliciously crafted project, thus possibly being able to execute malware, obtain sensitive information, modi...

9.9CVSS7.6AI score0.76884EPSS
Exploits0References5
Nuclei
Nuclei
•added yesterday•235 views

Reflected XSS - Telerik Reporting Module

Cross-site scripting vulnerability in Telerik.ReportViewer.WebForms.dll in Telerik Reporting for ASP.NET WebForms Report Viewer control before R1 2017 SP2 11.0.17.406 allows remote attackers to inject arbitrary web script or HTML via the bgColor parameter to Telerik.ReportViewer.axd. id:...

6.1CVSS7AI score0.09642EPSS
Exploits0References5
Nuclei
Nuclei
•added yesterday•235 views

WordPress Newspaper < 12 - Cross-Site Scripting

WordPress Newspaper theme before 12 is susceptible to cross-site scripting. The does not sanitize a parameter before outputting it back in an HTML attribute via an AJAX action. An attacker can potentially execute malware, obtain sensitive information, modify data, and/or execute unauthorized...

6.1CVSS6AI score0.00969EPSS
Exploits2References2
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•235 views

WordPress Paid Memberships Pro <2.9.8 - Blind SQL Injection

WordPress Paid Memberships Pro plugin before 2.9.8 contains a blind SQL injection vulnerability in the 'code' parameter of the /pmpro/v1/order REST route. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of th...

9.8CVSS8.8AI score0.9246EPSS
Exploits6References5
Nuclei
Nuclei
•added yesterday•234 views

Cuppa CMS v1.0 - Remote Code Execution

CuppaCMS 1.0 is vulnerable to Remote Code Execution RCE. An authenticated user can control both parameters action and function from "/api/index.php. id: CVE-2022-37190 info: name: Cuppa CMS v1.0 - Remote Code Execution author: theamanrawat severity: high description: | CuppaCMS 1.0 is vulnerable ...

8.8CVSS7.3AI score0.45769EPSS
Exploits1References3
Nuclei
Nuclei
•added yesterday•234 views

WooCommerce Blocks 2.5 to 5.5 - Unauthenticated SQL Injection

woocommerce-gutenberg-products-block is a feature plugin for WooCommerce Gutenberg Blocks. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce Blocks feature plugin between version 2.5.0 and prior to version 2.5.16. Via a carefully crafted URL, an exploit can be...

7.5CVSS7.3AI score0.17227EPSS
Exploits2References5
Nuclei
Nuclei
•added yesterday•233 views

PKP Open Journal Systems 2.4.8-3.3 - Cross-Site Scripting

PKP Open Journal Systems 2.4.8 to 3.3 contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary code via the X-Forwarded-Host Header. id: CVE-2022-24181 info: name: PKP Open Journal Systems 2.4.8-3.3 - Cross-Site Scripting author: lucasljm2001,ekrause severit...

6.1CVSS6.7AI score0.0608EPSS
Exploits3References5
Nuclei
Nuclei
•added yesterday•232 views

PrestaShop AP Pagebuilder <= 2.4.4 - SQL Injection

A SQL injection vulnerability in the productalloneimg and imageproduct parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to exfiltrate database data. id: CVE-2022-22897 info: name: PrestaShop AP Pagebuilder = 2.4.4 - SQL Injection...

9.8CVSS7.2AI score0.10814EPSS
Exploits3References3
Nuclei
Nuclei
•added 2026/06/28 3:8 p.m.•232 views

Apache Struts2 S2-053 - Remote Code Execution

Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1 uses an unintentional expression in a Freemarker tag instead of string literals, which makes it susceptible to remote code execution attacks. id: CVE-2017-12611 info: name: Apache Struts2 S2-053 - Remote Code Execution author: pikpikcu...

9.8CVSS7.7AI score0.99461EPSS
Exploits28References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•232 views

Citrix Bleed - Leaking Session Tokens

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy or AAA ?virtual?server. id: CVE-2023-4966 info: name: Citrix Bleed - Leaking Session Tokens author: DhiyaneshDK severity: high description: | Sensiti...

9.4CVSS7.5AI score0.99999EPSS
Exploits15References5
Nuclei
Nuclei
•added yesterday•230 views

Symfony - Authentication Bypass

Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the controller attribute is set, which allows remote attackers to bypass URL signing and security rules by including 1 no hash or 2 an invalid has...

4.3CVSS6AI score0.08269EPSS
Exploits0References5
Nuclei
Nuclei
•added yesterday•230 views

Apache Airflow - Unauthenticated Variable Import

Apache Airflow Airflow =2.0.0 and =2.0.0 and 2.1.3 does not protect the variable import endpoint which allows unauthenticated users to hit that endpoint to add/modify Airflow variables used in DAGs, potentially resulting in a denial of service, information disclosure or remote code execution...

9.8CVSS7.5AI score0.80938EPSS
Exploits2References5
Nuclei
Nuclei
•added 2026/06/26 6:13 p.m.•230 views

CraftCMS - Remote Code Execution

Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Starting from version 3.0.0-RC1 to before 3.9.15, 4.0.0-RC1 to before 4.14.15, and 5.0.0-RC1 to before 5.6.17, Craft is vulnerable to remote code execution. This is a high-impact, low-complexity...

10CVSS7.9AI score0.99803EPSS
Exploits14References5
Nuclei
Nuclei
•added 2026/06/25 5:45 a.m.•230 views

Rocket.Chat <=3.13 - NoSQL Injection

Rocket.Chat 3.11, 3.12 and 3.13 contains a NoSQL injection vulnerability which allows unauthenticated access to an API endpoint. An attacker can possibly obtain sensitive information from a database, modify data, and/or execute unauthorized administrative operations in the context of the affected...

9.8CVSS7.3AI score0.95242EPSS
Exploits16References6
Nuclei
Nuclei
•added yesterday•227 views

Car Rental Management System 1.0 - SQL Injection

Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/viewcar.php?id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-32025 info:...

7.2CVSS7.1AI score0.04522EPSS
Exploits1References3
Nuclei
Nuclei
•added yesterday•221 views

SuiteCRM - SQL Injection

SuiteCRM is an open-source Customer Relationship Management CRM software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in events response entry point allows for a SQL injection attack. Versions 7.14.4 and 8.6.1 contain a fix for this issue. id: CVE-2024-36412 info: name: SuiteC...

10CVSS7.2AI score0.05692EPSS
Exploits1References2
Nuclei
Nuclei
•added yesterday•221 views

Apache Druid - Remote Code Execution

Apache Druid is susceptible to remote code execution because by default it lacks authorization and authentication. Attackers can send specially crafted requests to execute arbitrary code with the privileges of processes on the Druid server. id: CVE-2021-25646 info: name: Apache Druid - Remote Cod...

9CVSS8AI score0.99301EPSS
Exploits8References5
Total number of security vulnerabilities4137