Lucene search
K
NucleiMost viewed

4139 matches found

Nuclei
Nuclei
added 2026/06/28 3:8 p.m.55 views

WP Time Capsule Plugin - Remote Code Execution

The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the the UploadHandler.php file and no direct file access prevention in all versions up to, and including, 1.22.21. This makes it possible for unauthenticat...

9.8CVSS8AI score0.93709EPSS
Exploits7References6
Nuclei
Nuclei
added 2026/06/25 1:31 a.m.55 views

Zoho ManageEngine Desktop Central - Remote Code Execution

Zoho ManageEngine Desktop Central contains an authentication bypass vulnerability that could allow an attacker to execute arbitrary code in the Desktop Central MSP server. id: CVE-2021-44515 info: name: Zoho ManageEngine Desktop Central - Remote Code Execution author: Adam Crosser severity:...

10CVSS7.9AI score0.99867EPSS
Exploits2References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.55 views

VMware vSphere Client (HTML5) - Remote Code Execution

VMware vCenter vSphere Client HTML5 contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. Th...

10CVSS9.6AI score0.9957EPSS
Exploits47References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.55 views

F5 iControl REST - Remote Command Execution

F5 iControl REST interface is susceptible to remote command execution. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. This affects BIG-IP 16.0.x before 16.0.1.1, 15.1.x before...

10CVSS9AI score0.99898EPSS
Exploits20References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.55 views

ManageEngine ADManager Plus - Command Injection

Zoho ManageEngine ADManager Plus through 7180 allows for authenticated users to exploit command injection via Proxy settings. id: CVE-2023-29084 info: name: ManageEngine ADManager Plus - Command Injection author: rootxharsh,iamnoooob,pdresearch severity: high description: | Zoho ManageEngine...

7.2CVSS7.3AI score0.98388EPSS
Exploits2References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.55 views

Drupal - Remote Code Execution

Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10 V contain certain field types that do not properly sanitize data from non-form sources, which can lead to arbitrary PHP code execution in some cases. id: CVE-2019-6340 info: name: Drupal - Remote Code Execution author: madrobot severity:...

8.1CVSS8.8AI score0.91919EPSS
Exploits22References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.55 views

Embedthis GoAhead <3.6.5 - Remote Code Execution

description: Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. id: CVE-2017-17562 info: name: Embedthis GoAhead 3.6.5 - Remote Code Execution author: geeknik severity: high description: | description: Embedthis GoAhead before...

8.1CVSS8.1AI score0.96327EPSS
Exploits15References5
Nuclei
Nuclei
added 8 hours ago54 views

HUSKY – Products Filter Professional for WooCommerce <= 1.3.6.5 - Unauthenticated Local File Inclusion

The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.6.5 via the 'template' parameter of the wooftextsearch AJAX action. This makes it possible for unauthenticated attackers to include and...

9.8CVSS7.8AI score0.54756EPSS
Exploits2References5
Nuclei
Nuclei
added 8 hours ago54 views

PHPJabbers Bus Reservation System 1.1 - Cross-Site Scripting

A vulnerability was found in PHP Jabbers Bus Reservation System 1.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument index/pickupid leads to cross site scripting. The attack may be launched remotely. id:...

6.1CVSS4AI score0.02499EPSS
Exploits3References4
Nuclei
Nuclei
added 8 hours ago54 views

IceWarp Mail Server v10.4.5 - Cross-Site Scripting

IceWarp Mail Server v10.4.5 was discovered to contain a reflected cross-site scripting XSS vulnerability via the color parameter. id: CVE-2023-39700 info: name: IceWarp Mail Server v10.4.5 - Cross-Site Scripting author: r3Y3r53 severity: medium description: | IceWarp Mail Server v10.4.5 was...

6.1CVSS6.3AI score0.01376EPSS
Exploits1References4
Nuclei
Nuclei
added 8 hours ago54 views

The Plus Addons for Elementor Page Builder < 4.1.7 - Authentication Bypass

The Plus Addons for Elementor plugin before version 4.1.7 allowed attackers to bypass authentication, gain admin access, and create accounts with elevated roles, even when registration was disabled and the Login widget was inactive. id: CVE-2021-24175 info: name: The Plus Addons for Elementor Pag...

9.8CVSS7.2AI score0.14462EPSS
Exploits3References2
Nuclei
Nuclei
added 8 hours ago54 views

XWiki < 14.10.14 - Cross-Site Scripting

XWiki is vulnerable to reflected cross-site scripting RXSS via the rev parameter that is used in the content of the content menu without escaping. If an attacker can convince a user to visit a link with a crafted parameter, this allows the attacker to execute arbitrary actions in the name of the...

9.6CVSS6.9AI score0.02191EPSS
Exploits1References2
Nuclei
Nuclei
added 8 hours ago54 views

WordPress Asgaros Forum <1.15.13 - SQL Injection

WordPress Asgaros Forum plugin before 1.15.13 is susceptible to SQL injection. The plugin does not validate and escape user input when subscribing to a topic before using it in a SQL statement. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized...

9.8CVSS7.3AI score0.13285EPSS
Exploits3References5
Nuclei
Nuclei
added 8 hours ago54 views

DedeCMS 5.7 - SQL Injection

DedeCMS through 5.7 has SQL Injection via the $FILES superglobal to plus/recommend.php. id: CVE-2017-17731 info: name: DedeCMS 5.7 - SQL Injection author: j4vaovo severity: critical description: | DedeCMS through 5.7 has SQL Injection via the $FILES superglobal to plus/recommend.php. impact: |...

9.8CVSS7.3AI score0.13194EPSS
Exploits1References5
Nuclei
Nuclei
added 8 hours ago54 views

WordPress Paytm Payment Gateway <=2.7.3 - SQL Injection

WordPress Paytm Payment Gateway plugin through 2.7.3 contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-45805 info: name: WordPress Payt...

9.8CVSS7.3AI score0.02327EPSS
Exploits0References5
Nuclei
Nuclei
added 8 hours ago54 views

Mlflow <2.3.1 - Local File Inclusion Bypass

Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1. id: CVE-2023-2780 info: name: Mlflow 2.3.1 - Local File Inclusion Bypass author: iamnoooob,pdresearch severity: critical description: | Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1...

9.8CVSS7.2AI score0.06311EPSS
Exploits1References5
Nuclei
Nuclei
added 8 hours ago54 views

WordPress Photo Gallery by 10Web <1.5.69 - Cross-Site Scripting

WordPress Photo Gallery by 10Web plugin before 1.5.69 contains multiple reflected cross-site scripting vulnerabilities via the galleryid, tag, albumid and themeid GET parameters passed to the bwgfrontenddata AJAX action, available to both unauthenticated and authenticated users. id: CVE-2021-2429...

6.1CVSS6.5AI score0.1445EPSS
Exploits2References3
Nuclei
Nuclei
added 8 hours ago54 views

Intel Neural Compressor <2.5.0 - SQL Injection

Improper input validation in some IntelR Neural Compressor software before version 2.5.0 may allow an unauthenticated user to potentially enable escalation of privilege via remote access. id: CVE-2024-22476 info: name: Intel Neural Compressor 2.5.0 - SQL Injection author: ritikchaddha severity:...

10CVSS7.4AI score0.33357EPSS
Exploits0References2
Nuclei
Nuclei
added 8 hours ago54 views

Apache Superset < 4.0.2 - SQL Injection

An SQL Injection vulnerability in Apache Superset exists due to improper neutralization of special elements used in SQL commands. Specifically, certain engine-specific functions are not checked, which allows attackers to bypass Apache Superset's SQL authorization. To mitigate this, a new...

9.8CVSS6AI score0.04433EPSS
Exploits2References4
Nuclei
Nuclei
added 8 hours ago54 views

FastAdmin < V1.3.4.20220530 - Path Traversal

A vulnerability, which was classified as problematic, has been found in FastAdmin up to 1.3.3.20220121. Affected by this issue is some unknown functionality of the file /index/ajax/lang. The manipulation of the argument lang leads to path traversal. The attack may be launched remotely. The exploi...

7.5CVSS5.3AI score0.16882EPSS
Exploits5References3
Nuclei
Nuclei
added 8 hours ago54 views

MotionEye Config Info Disclosure

MotionEye v0.42.1 and below allows attackers to access sensitive information via a GET request to /config/list. To exploit this vulnerability, a regular user password must be unconfigured. id: CVE-2022-25568 info: name: MotionEye Config Info Disclosure author: DhiyaneshDK severity: high...

7.5CVSS7AI score0.06829EPSS
Exploits1References5
Nuclei
Nuclei
added 8 hours ago54 views

Zimbra Collaboration (ZCS) - Cross Site Scripting

A reflected cross-site scripting XSS vulnerability in the /public/launchNewWindow.jsp component of Zimbra Collaboration aka ZCS 9.0 allows unauthenticated attackers to execute arbitrary web script or HTML via request parameters. id: CVE-2022-27926 info: name: Zimbra Collaboration ZCS - Cross Site...

6.1CVSS6.7AI score0.17634EPSS
Exploits0References5
Nuclei
Nuclei
added 8 hours ago54 views

CopyParty v1.8.6 - Cross Site Scripting

Copyparty is a portable file server. Versions prior to 1.8.6 are subject to a reflected cross-site scripting XSS Attack.Vulnerability that exists in the web interface of the application could allow an attacker to execute malicious javascript code by tricking users into accessing a malicious link...

6.3CVSS6.6AI score0.06195EPSS
Exploits3References5
Nuclei
Nuclei
added 8 hours ago54 views

FooGallery plugin <= 2.2.35 - Cross-Site Scripting

Reflected Cross-Site Scripting XSS vulnerability in FooPlugins FooGallery plugin = 2.2.35 versions. id: CVE-2023-29439 info: name: FooGallery plugin = 2.2.35 - Cross-Site Scripting author: theamanrawat severity: medium description: | Reflected Cross-Site Scripting XSS vulnerability in FooPlugins...

7.1CVSS6.8AI score0.01747EPSS
Exploits1References5
Nuclei
Nuclei
added 8 hours ago54 views

Flyte Console <0.52.0 - Server-Side Request Forgery

FlyteConsole is the web user interface for the Flyte platform. FlyteConsole prior to version 0.52.0 is vulnerable to server-side request forgery when FlyteConsole is open to the general internet. An attacker can exploit any user of a vulnerable instance to access the internal metadata server or...

9.1CVSS7.1AI score0.09662EPSS
Exploits0References5
Nuclei
Nuclei
added 8 hours ago54 views

Ametys CMS Information Disclosure

Ametys CMS before 4.5.0 allows a remote unauthenticated attacker to read documents such as plugins/web/service/search/auto-completion/domain/en.xml and similar pathnames for other languages via the auto-completion plugin, which contain all characters typed by all users, including the content of...

5.3CVSS6.2AI score0.13372EPSS
Exploits2References5
Nuclei
Nuclei
added 8 hours ago54 views

Wavlink WN535K2/WN535K3 - OS Command Injection

Wavlink WN535K2 and WN535K3 routers are susceptible to OS command injection which affects unknown code in /cgi-bin/nightled.cgi via manipulation of the argument starthour. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised syste...

9.8CVSS7.2AI score0.79513EPSS
Exploits1References4
Nuclei
Nuclei
added 8 hours ago54 views

WordPress RobotCPA 5 - Directory Traversal

The RobotCPA plugin 5 for WordPress has directory traversal via the f.php l parameter. id: CVE-2015-9480 info: name: WordPress RobotCPA 5 - Directory Traversal author: daffainfo severity: high description: The RobotCPA plugin 5 for WordPress has directory traversal via the f.php l parameter...

7.5CVSS7.1AI score0.12574EPSS
Exploits2References3
Nuclei
Nuclei
added 8 hours ago54 views

Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion

Joomla! Omilen Photo Gallery comomphotogallery component Beta 0.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php. id: CVE-2009-4202 info: name: Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion...

7.5CVSS6.2AI score0.08109EPSS
Exploits1References5
Nuclei
Nuclei
added 8 hours ago54 views

Joomla! Component Sweetykeeper 1.5 - Local File Inclusion

A directory traversal vulnerability in the Sweety Keeper comsweetykeeper component 1.5.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1474 info: name: Joomla! Compone...

6.8CVSS6.1AI score0.09471EPSS
Exploits2References5
Nuclei
Nuclei
added 8 hours ago54 views

EspoCRM <= 9.3.3 - Server-Side Request Forgery

EspoCRM = 9.3.3 contains an authenticated server-side request forgery caused by improper internal-host validation using alternative IPv4 formats in HostCheck::isNotInternalHost, letting authenticated users access internal resources via /api/v1/Attachment/fromImageUrl endpoint. id: CVE-2026-33534...

4.3CVSS5.9AI score0.01978EPSS
Exploits5References2
Nuclei
Nuclei
added 8 hours ago54 views

Traefik - Open Redirect

Traefik before 1.7.26, 2.2.8, and 2.3.0-rc3 contains an open redirect vulnerability in the X-Forwarded-Prefix header. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2020-15129 info: name:...

6.1CVSS6AI score0.08011EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday54 views

ArgoCD Project API Token Repository Credentials Exposure

Argo CD API tokens with project-level permissions are able to retrieve sensitive repository credentials usernames, passwords through the project details API endpoint, even when the token only has standard application management permissions and no explicit access to secrets. This vulnerability...

9.9CVSS7.3AI score0.04518EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday54 views

DevDojo Voyager <= 1.8.0 - Arbitrary File Write vulnerability

DevDojo Voyager through version 1.8.0 is vulnerable to bypassing the file type verification when an authenticated user uploads a file via /admin/media/upload. An authenticated user can upload a web shell causing arbitrary code execution on the server. id: CVE-2024-55417 info: name: DevDojo Voyage...

4.3CVSS7.9AI score0.12298EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday54 views

WordPress Car Seller - Auto Classifieds Script - SQL Injection

The requestlistrequest AJAX call of the Car Seller - Auto Classifieds Script WordPress plugin through 2.1.0, available to both authenticated and unauthenticated users, does not sanitize, validate or escape the orderid POST parameter before using it in a SQL statement, leading to a SQL injection...

9.8CVSS7.2AI score0.14697EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday54 views

Motorola Baby Monitors - Remote Command Execution

Motorola Baby Monitors contains multiple interface vulnerabilities could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. id: CVE-2021-3577 info: name: Motorola Baby Monitors - Remote Command Execution author: gy741 severity: high...

8.8CVSS7.2AI score0.59893EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday54 views

CirCarLife Scada <4.3 - System Log Exposure

CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI. CirCarLife is an internet-connected electric vehicle charging station. id: CVE-2018-12634 info: name: CirCarLife Scada 4.3 - System Log...

9.8CVSS7.2AI score0.57737EPSS
Exploits5References5
Nuclei
Nuclei
added yesterday54 views

Drag and Drop Multiple File Upload - CF7 <= 1.3.9.6 - Remote Code Execution

Drag and Drop Multiple File Upload for Contact Form 7 WordPress plugin = 1.3.9.6 contains an unrestricted file upload caused by insufficient file type validation and bypass of filename sanitization with non-ASCII characters, letting unauthenticated attackers upload arbitrary files and achieve...

8.1CVSS6.3AI score0.04175EPSS
Exploits3References2
Nuclei
Nuclei
added yesterday54 views

Joomla! Component com_communitypolls 1.5.2 - Local File Inclusion

A directory traversal vulnerability in the Community Polls comcommunitypolls component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1081 info: name: Joomla! Component...

5CVSS6.1AI score0.14331EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday54 views

PuneethReddyHC Online Shopping System homeaction.php SQL Injection

An unauthenticated SQL injection vulnerability exists in PuneethReddyHC Online Shopping System through the /homeaction.php catid parameter. Using a post request does not sanitize the user input. id: CVE-2021-41649 info: name: PuneethReddyHC Online Shopping System homeaction.php SQL Injection...

9.8CVSS7.3AI score0.5177EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday54 views

Atlassian Questions For Confluence - Hardcoded Credentials

Atlassian Questions For Confluence contains a hardcoded credentials vulnerability. When installing versions 2.7.34, 2.7.35, and 3.0.2, a Confluence user account is created in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attack...

9.8CVSS7.4AI score0.9817EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday54 views

ClinicCases 7.3.3 Cross-Site Scripting

ClinicCases 7.3.3 is susceptible to multiple reflected cross-site scripting vulnerabilities that could allow unauthenticated attackers to introduce arbitrary JavaScript by crafting a malicious URL. This can result in account takeover via session token theft. id: CVE-2021-38704 info: name:...

6.1CVSS6.4AI score0.03521EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday54 views

Craft CMS <=v3.7.31 - SQL Injection

Craft CMS up to v3.7.31 was discovered to contain a SQL injection vulnerability via the GraphQL API endpoint. id: CVE-2024-37843 info: name: Craft CMS =v3.7.31 - SQL Injection author: iamnoooob,rootxharsh,pdresearch severity: critical description: | Craft CMS up to v3.7.31 was discovered to conta...

9.8CVSS6AI score0.51282EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday54 views

TP-Link - OS Command Injection

The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840NEUV5171211 is vulnerable to remote code execution via a specially crafted payload in an IP address input field. id: CVE-2021-41653 info: name: TP-Link - OS Command Injection author: gy741 severity: critical...

10CVSS8AI score0.7747EPSS
Exploits1References5
Nuclei
Nuclei
added 5 days ago54 views

WordPress Nevma Adaptive Images <0.6.67 - Local File Inclusion

WordPress Nevma Adaptive Images plugin before 0.6.67 allows remote attackers to retrieve arbitrary files via the $REQUEST'adaptive-images-settings''sourcefile' parameter in adaptive-images-script.php. id: CVE-2019-14205 info: name: WordPress Nevma Adaptive Images 0.6.67 - Local File Inclusion...

7.5CVSS7.2AI score0.63375EPSS
Exploits1References5
Nuclei
Nuclei
added 5 days ago54 views

D-Link Central WifiManager - Server-Side Request Forgery

D-Link Central WifiManager is susceptible to server-side request forgery. The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, as demonstrated by an...

8.6CVSS6.9AI score0.44101EPSS
Exploits3References5
Nuclei
Nuclei
added 2026/06/28 3:8 p.m.54 views

Cleo Harmony < 5.8.0.24 - File Upload Vulnerability

In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory. id: CVE-2024-55956 info: name: Cleo Harmony...

9.8CVSS7.8AI score0.93804EPSS
Exploits4References2
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.54 views

GitLab - Account Takeover via Password Reset

An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to a...

10CVSS8.3AI score0.94955EPSS
Exploits16References5
Nuclei
Nuclei
added 8 hours ago53 views

Dify User Enumeration via Observable Response Discrepancy

Dify is an open-source LLM app development platform. Prior to 1.9.0, responses from the Dify API to existing and non-existent accounts differ, allowing an attacker to enumerate email addresses registered with Dify. Version 1.9.0 fixes the issue. id: CVE-2026-28288 info: name: Dify User Enumeratio...

6.9CVSS5.9AI score0.00635EPSS
Exploits1References2
Nuclei
Nuclei
added 8 hours ago53 views

Fortinet FortiOS < 5.6.0 - Cross-Site Scripting

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to execute unauthorized code or commands via the Replacement Message HTML for SSL-VPN. id: CVE-2017-3133 info: name: Fortinet FortiOS 5.6.0 - Cross-Site Scripting author: ritikchaddha severity:...

6.1CVSS6.6AI score0.10677EPSS
Exploits5References2
Total number of security vulnerabilities4139