Lucene search
K
NucleiMost viewed

4136 matches found

Nuclei
Nuclei
•added yesterday•39 views

AI Assistant with ChatGPT by AYS <= 2.0.9 - Unauthenticated AJAX Calls

The plugin lacks sufficient access controls allowing an unauthenticated user to disconnect the plugin from OpenAI, thereby disabling the plugin. Multiple actions are accessible: ayschatgptdisconnect, ayschatgptconnect, and ayschatgptsavefeedback id: CVE-2024-7714 info: name: AI Assistant with...

7.5CVSS5.9AI score0.00848EPSS
Exploits1References2
Nuclei
Nuclei
•added yesterday•39 views

Zyxel ZyWal/USG/UAG Devices - Cross-Site Scripting

Zyxel ZyWall, USG, and UAG devices allow remote attackers to inject arbitrary web script or HTML via the errmsg parameter freetimefailed.cgi CGI program, aka reflective cross-site scripting. id: CVE-2019-12581 info: name: Zyxel ZyWal/USG/UAG Devices - Cross-Site Scripting author: n-thumann...

6.1CVSS6.2AI score0.064EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•39 views

WebTareas 2.4p5 - Cross-Site Scripting

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /clients/listclients.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. id: CVE-2022-44957 info: name: WebTareas...

5.4CVSS6.2AI score0.0104EPSS
Exploits1References4
Nuclei
Nuclei
•added yesterday•39 views

Rukovoditel <= 3.2.1 - Cross Site Scripting

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting XSS vulnerability in /index.php?module=configuration/application. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Copyright Text field after clicking...

5.4CVSS6.2AI score0.00906EPSS
Exploits1References4
Nuclei
Nuclei
•added yesterday•39 views

NetScaler Console - Sensitive Information Disclosure

Sensitive information disclosure in NetScaler Console id: CVE-2024-6235 info: name: NetScaler Console - Sensitive Information Disclosure author: DhiyaneshDk severity: critical description: | Sensitive information disclosure in NetScaler Console impact: | Attackers can access sensitive information...

9.4CVSS7.3AI score0.21331EPSS
Exploits0References3
Nuclei
Nuclei
•added 2 days ago•39 views

Linear eMerge E3-Series - Information Disclosure

Linear eMerge E3-Series devices are susceptible to information disclosure. Admin credentials are stored in clear text at the endpoint /test.txt in situations where the default admin credentials have been changed. An attacker can obtain admin credentials, access the admin dashboard, control buildi...

8.2CVSS7.2AI score0.05055EPSS
Exploits3References5
Nuclei
Nuclei
•added 2 days ago•39 views

Nagios 5.5.6-5.7.5 - Authenticated Remote Command Injection

Nagios XI 5.5.6 through 5.7.5 is susceptible to authenticated remote command injection. There is improper sanitization of authenticated user-controlled input by a single HTTP request via the file /usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php. This in turn can lead to remot...

9CVSS7.5AI score0.42935EPSS
Exploits6References5
Nuclei
Nuclei
•added 2 days ago•39 views

WebTitan < 3.60 - Local File Inclusion

Directory traversal vulnerability in logs-x.php in SpamTitan WebTitan before 3.60 allows remote authenticated users to read arbitrary files via a .. dot dot in the fname parameter in a view action. id: CVE-2011-4640 info: name: WebTitan 3.60 - Local File Inclusion author: ctflearner severity:...

4CVSS6.1AI score0.07323EPSS
Exploits1References2
Nuclei
Nuclei
•added 2 days ago•39 views

D-LINK DNS-320L,DNS-320LW and DNS-327L - Information Disclosure

A vulnerability has been found in D-Link DNS-320L, DNS-320LW and DNS-327L up to 20240403 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/info.cgi of the component HTTP GET Request Handler. id: CVE-2024-3274 info: name: D-LINK...

5.3CVSS5.7AI score0.33484EPSS
Exploits0References3
Nuclei
Nuclei
•added 2 days ago•39 views

WAVLINK WN535 G3 - Information Disclosure

WAVLINK WN535 G3 M35G3R.V5030.180927 is susceptible to information disclosure in the livemfg.shtml page. An attacker can obtain sensitive router information via the exec cmd function and possibly obtain additional sensitive information, modify data, and/or execute unauthorized operations. id:...

7.5CVSS6.8AI score0.07142EPSS
Exploits2References5
Nuclei
Nuclei
•added 2 days ago•39 views

Joomla! Component Gadget Factory 1.0.0 - Local File Inclusion

A directory traversal vulnerability in the Gadget Factory comgadgetfactory component 1.0.0 and 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1956 info: name: Joomla! Component Gadget Factory 1.0.0 - Local...

7.5CVSS6.1AI score0.17003EPSS
Exploits1References5
Nuclei
Nuclei
•added 2 days ago•39 views

Linear eMerge E3 - Cross-Site Scripting

Linear eMerge E3-Series devices are vulnerable to cross-site scripting via the 'layout' parameter. id: CVE-2019-7255 info: name: Linear eMerge E3 - Cross-Site Scripting author: arafatansari severity: medium description: | Linear eMerge E3-Series devices are vulnerable to cross-site scripting via...

6.1CVSS6.6AI score0.55807EPSS
Exploits5References5
Nuclei
Nuclei
•added 2 days ago•39 views

Joomla! Component Archery Scores 1.0.6 - Local File Inclusion

A directory traversal vulnerability in archeryscores.php in the Archery Scores comarcheryscores component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1718 info: name: Joomla! Compone...

6.8CVSS6.2AI score0.09455EPSS
Exploits1References3
Nuclei
Nuclei
•added 2 days ago•39 views

WordPress MultiSafepay for WooCommerce <=4.13.1 - Arbitrary File Read

WordPress MultiSafepay for WooCommerce plugin through 4.13.1 contains an arbitrary file read vulnerability. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-33901 info:...

7.5CVSS7.2AI score0.02193EPSS
Exploits0References5
Nuclei
Nuclei
•added 2 days ago•39 views

Virtua Software Cobranca <12R - Blind SQL Injection

Virtua Cobranca before 12R allows blind SQL injection on the login page. id: CVE-2021-37589 info: name: Virtua Software Cobranca 12R - Blind SQL Injection author: princechaddha severity: high description: | Virtua Cobranca before 12R allows blind SQL injection on the login page. impact: |...

7.5CVSS7.1AI score0.29667EPSS
Exploits5References5
Nuclei
Nuclei
•added 2 days ago•39 views

Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery

A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions such as blocking legitimate instructors. id: CVE-2020-8615 info: name: Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Reque...

6.5CVSS6.6AI score0.0883EPSS
Exploits6References5
Nuclei
Nuclei
•added 2 days ago•39 views

WAVLINK WN530HG4 - Improper Access Control

WAVLINK WN530HG4 M30HG4.V5030.191116 is susceptible to improper access control. An attacker can obtain usernames and passwords via view-source:http://IPADDRESS/setsafety.shtml?r=52300 and searching for var syspasswd and thereby possibly obtain sensitive information, modify data, and/or execute...

7.5CVSS7.1AI score0.17444EPSS
Exploits4References5
Nuclei
Nuclei
•added 2 days ago•39 views

Joomla! Component redSHOP 1.0 - Local File Inclusion

A directory traversal vulnerability in the redSHOP comredshop component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the view parameter to index.php. id: CVE-2010-1531 info: name: Joomla! Component redSHOP 1.0 - Local File Inclusion author: daffainfo...

7.5CVSS6.1AI score0.16915EPSS
Exploits1References5
Nuclei
Nuclei
•added 2 days ago•39 views

WordPress Photo Gallery by 10Web <1.5.69 - Cross-Site Scripting

WordPress Photo Gallery by 10Web plugin before 1.5.69 contains multiple reflected cross-site scripting vulnerabilities via the galleryid, tag, albumid and themeid GET parameters passed to the bwgfrontenddata AJAX action, available to both unauthenticated and authenticated users. id: CVE-2021-2429...

6.1CVSS6.5AI score0.1445EPSS
Exploits2References3
Nuclei
Nuclei
•added 3 days ago•39 views

Citrix SD-WAN Center - Remote Command Injection

Citrix SD-WAN Center is susceptible to remote command injection via the traceroute function in DiagnosticsController, which does not sufficiently validate or sanitize HTTP request parameter values used to construct a shell command. An attacker can trigger this vulnerability by routing traffic...

10CVSS7.3AI score0.39544EPSS
Exploits1References3
Nuclei
Nuclei
•added 3 days ago•39 views

Telesquare TLR-2855KS6 - Arbitrary File Deletion

An unauthorized file deletion vulnerability in Telesquare TLR-2855KS6 via DELETE method can allow deletion of system files and scripts. id: CVE-2021-46419 info: name: Telesquare TLR-2855KS6 - Arbitrary File Deletion author: DhiyaneshDK severity: critical description: | An unauthorized file deleti...

9.1CVSS7.2AI score0.71384EPSS
Exploits4References3
Nuclei
Nuclei
•added 4 days ago•39 views

Cisco SSM On-Prem <= 8-202206 - Password Reset Account Takeover

A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an unauthenticated, remote attacker to change the password of any user, including administrative users. This vulnerability is due to improper implementation of the password-change process...

10CVSS7.4AI score0.80767EPSS
Exploits3References5
Nuclei
Nuclei
•added 4 days ago•39 views

Symfony Profiler - Remote Access via Injected Arguments

symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the registerargvargc php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment or debug mode used by...

7.3CVSS7.1AI score0.63422EPSS
Exploits0References5
Nuclei
Nuclei
•added 4 days ago•39 views

Kubernetes Dashboard <1.10.1 - Authentication Bypass

Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster. id: CVE-2018-18264 info: name: Kubernetes Dashboard 1.10.1 - Authentication Bypass author: edoardottt severity: high description: | Kubernetes...

7.5CVSS7.1AI score0.70372EPSS
Exploits1References5
Nuclei
Nuclei
•added 5 days ago•39 views

Apache Struts - Multiple Open Redirection Vulnerabilities

Apache Struts is prone to multiple open-redirection vulnerabilities because the application fails to properly sanitize user-supplied input. id: CVE-2013-2248 info: name: Apache Struts - Multiple Open Redirection Vulnerabilities author: 0xAkoko severity: medium description: Apache Struts is prone ...

5.8CVSS6.8AI score0.94654EPSS
Exploits4References5
Nuclei
Nuclei
•added 5 days ago•39 views

Agentejo Cockpit <0.12.0 - NoSQL Injection

Agentejo Cockpit prior to 0.12.0 is vulnerable to NoSQL Injection via the newpassword method of the Auth controller, which is responsible for displaying the user password reset form. id: CVE-2020-35848 info: name: Agentejo Cockpit 0.12.0 - NoSQL Injection author: dwisiswant0 severity: critical...

9.8CVSS7.3AI score0.74989EPSS
Exploits5References5
Nuclei
Nuclei
•added 6 days ago•39 views

Citrix NetScaler Memory Disclosure - CitrixBleed 2

Insufficient input validation leading to memory overread on the NetScaler Management Interface NetScaler ADC and NetScaler Gateway id: CVE-2025-5777 info: name: Citrix NetScaler Memory Disclosure - CitrixBleed 2 author: watchtowr,DhiyaneshDk,darses severity: critical description: | Insufficient...

9.3CVSS7.5AI score0.99897EPSS
Exploits18References3
Nuclei
Nuclei
•added last week•39 views

Veeam Backup & Replication - Unauthenticated

A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution RCE. id: CVE-2024-40711 info: name: Veeam Backup & Replication - Unauthenticated author: rootxharsh,iamnoooob,DhiyaneshDK severity: critical description: | A deserializati...

9.8CVSS8.1AI score0.88193EPSS
Exploits3References3
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•39 views

VMware Workspace ONE Access - Server-Side Template Injection

VMware Workspace ONE Access is susceptible to a remote code execution vulnerability due to a server-side template injection flaw. An unauthenticated attacker with network access could exploit this vulnerability by sending a specially crafted request to a vulnerable VMware Workspace ONE or Identit...

10CVSS9.4AI score0.99997EPSS
Exploits24References4
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•39 views

Joomla! <3.7.1 - SQL Injection

Joomla! before 3.7.1 contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id: CVE-2017-8917 info: name: Joomla! 3.7.1 - SQL Injection...

9.8CVSS8.9AI score0.99826EPSS
Exploits21References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•39 views

MobileIron Core & Connector <= v10.6 & Sentry <= v9.8 - Remote Code Execution

A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database RDB version 2.0.0.1 and earlier contain...

9.8CVSS9.8AI score0.99737EPSS
Exploits4
Nuclei
Nuclei
•added 2023/06/05 7:3 a.m.•39 views

Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System 1.0 is vulnerable to SQL Injection via the date parameter. id: CVE-2022-31879 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat,j4vaovo severity: high description: | Online Fire Reporting System 1.0 is vulnerable to SQL Injection via t...

8.8CVSS9.1AI score0.01195EPSS
Exploits1References3
Nuclei
Nuclei
•added yesterday•38 views

FUDForum 3.1.0 - Cross-Site Scripting

FUDForum 3.1.0 contains a cross-site scripting vulnerability which allows remote attackers to inject JavaScript via index.php in the "srch" parameter. id: CVE-2021-27519 info: name: FUDForum 3.1.0 - Cross-Site Scripting author: kh4sh3i severity: medium description: | FUDForum 3.1.0 contains a...

6.1CVSS6.4AI score0.07604EPSS
Exploits4References5
Nuclei
Nuclei
•added yesterday•38 views

OpenCATS 0.9.6 - Cross-Site Scripting

OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the indexFile component. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch oth...

6.1CVSS6.4AI score0.01333EPSS
Exploits1References2
Nuclei
Nuclei
•added yesterday•38 views

Prismatic < 2.8 - Cross-Site Scripting

The plugin does not escape the 'tab' GET parameter before outputting it back in an attribute, leading to a reflected Cross-Site Scripting issue which will be executed in the context of a logged in administrator id: CVE-2021-24409 info: name: Prismatic 2.8 - Cross-Site Scripting author: Harsh...

6.1CVSS6.4AI score0.01793EPSS
Exploits2References2
Nuclei
Nuclei
•added yesterday•38 views

WebCTRL OEM <= 6.5 - Cross-Site Scripting

WebCTRL OEM 6.5 and prior is susceptible to a cross-site scripting vulnerability because the login portal does not sanitize the operatorlocale GET parameter. id: CVE-2021-31682 info: name: WebCTRL OEM = 6.5 - Cross-Site Scripting author: gy741,dhiyaneshDk severity: medium description: WebCTRL OEM...

6.1CVSS6.3AI score0.10509EPSS
Exploits4References5
Nuclei
Nuclei
•added yesterday•38 views

Eventum <3.4.0 - Open Redirect

Eventum before 3.4.0 contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2018-16761 info: name: Eventum 3.4.0 - Open Redirect author: 0xAkoko severity:...

6.1CVSS6.3AI score0.02201EPSS
Exploits0References4
Nuclei
Nuclei
•added yesterday•38 views

Joomla! Component Advertising 0.25 - Local File Inclusion

A directory traversal vulnerability in the Advertising comadvertising component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1473 info: name: Joomla! Component...

6.8CVSS6.1AI score0.08163EPSS
Exploits2References4
Nuclei
Nuclei
•added yesterday•38 views

AppCMS - Cross-Site Scripting

AppCMS 2.0.101 has a cross-site scripting vulnerability in \templates\m\inchead.php. id: CVE-2021-45380 info: name: AppCMS - Cross-Site Scripting author: pikpikcu severity: medium description: AppCMS 2.0.101 has a cross-site scripting vulnerability in \templates\m\inchead.php. impact: | Successfu...

6.1CVSS6.3AI score0.02542EPSS
Exploits1References4
Nuclei
Nuclei
•added yesterday•38 views

Imgproxy < 3.27.2 - Server-Side Request Forgery (SSRF)

imgproxy contains an issue caused by not blocking the 0.0.0.0 address even when IMGPROXYALLOWLOOPBACKSOURCEADDRESSES is set to false, letting local services be exposed, exploit requires network access. id: CVE-2025-24354 info: name: Imgproxy 3.27.2 - Server-Side Request Forgery SSRF author:...

5.3CVSS7AI score0.00844EPSS
Exploits0References2
Nuclei
Nuclei
•added yesterday•38 views

Directory Management System 1.0 - SQL Injection

Directory Management System 1.0 contains multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the...

9.8CVSS7.3AI score0.19478EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•38 views

Citrix Netscaler ADC & Gateway - Out-Of-Bounds Memory Read

The vulnerability would enable an attacker to remotely obtain sensitive information from a NetScaler appliance configured as a Gateway or AAA virtual server via a very commonly connected Web interface, and without requiring authentication. This bug is nearly identical to the Citrix Bleed...

8.2CVSS7.2AI score0.57633EPSS
Exploits0References2
Nuclei
Nuclei
•added yesterday•38 views

PHPJabbers Cleaning Business 1.0 - Cross-Site Scripting

The attacker can send to victim a link containing a malicious URL in an email or instant message can perform a wide variety of actions, such as stealing the victim's session token or login credentials. id: CVE-2023-4115 info: name: PHPJabbers Cleaning Business 1.0 - Cross-Site Scripting author:...

6.1CVSS6AI score0.05177EPSS
Exploits4References5
Nuclei
Nuclei
•added yesterday•38 views

JS Help Desk <= 2.8.2 - SQL Injection

JS Help Desk WordPress plugin 2.8.2 contains a SQL injection caused by insufficient escaping and preparation of user-supplied values in 'js-support-ticket-token-tkstatus' cookie, letting unauthenticated attackers extract sensitive database information, exploit requires no authentication. id:...

7.5CVSS6AI score0.01317EPSS
Exploits0References2
Nuclei
Nuclei
•added yesterday•38 views

Ellucian Ethos Identity CAS - Cross-Site Scripting

A vulnerability was found in Ellucian Ethos Identity up to 5.10.5. It has been classified as problematic. Affected is an unknown function of the file /cas/logout. The manipulation of the argument url leads to cross site scripting. It is possible to launch the attack remotely. id: CVE-2023-2822...

6.1CVSS3.9AI score0.03301EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•38 views

Testimonials by BestWebSoft < 0.1.9 - Cross-Site Scripting

The bws-testimonials plugin before 0.1.9 for WordPress has multiple XSS issues. id: CVE-2017-18558 info: name: Testimonials by BestWebSoft 0.1.9 - Cross-Site Scripting author: luisfelipe146 severity: medium description: | The bws-testimonials plugin before 0.1.9 for WordPress has multiple XSS...

6.1CVSS6.4AI score0.01384EPSS
Exploits1References4
Nuclei
Nuclei
•added yesterday•38 views

REST API TO MiniProgram <= 4.7.1 - SQL Injection

The REST API TO MiniProgram plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the /wp-json/watch-life-net/v1/comment/getcomments REST API endpoint in all versions up to, and including, 4.7.1 due to insufficient escaping on the user supplied parameter and lack of...

7.5CVSS6AI score0.03792EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•38 views

Twisted - Open Redirect & XSS

Twisted is an event-based framework for internet applications, supporting Python 3.6+. The Twisted web framework's redirectTo function is vulnerable to reflected XSS if an attacker can control the redirect URL. This template tests for an open redirect and XSS vulnerability in the URL parameter...

6.1CVSS6.6AI score0.01109EPSS
Exploits0References2
Nuclei
Nuclei
•added yesterday•38 views

ShokoServer System - Local File Inclusion (LFI)

ShokoServer is a media server which specializes in organizing anime. In affected versions the /api/Image/WithPath endpoint is accessible without authentication and is supposed to return default server images. The endpoint accepts the parameter serverImagePath, which is not sanitized in any way...

8.6CVSS7.3AI score0.08147EPSS
Exploits1References2
Nuclei
Nuclei
•added yesterday•38 views

Free5gc 3.2.1 - Information Disclosure

Free5gc 3.2.1 is susceptible to information disclosure. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2022-38870 info: name: Free5gc 3.2.1 - Information Disclosure author: For3stCo1d severity: high description: | Free5gc 3.2.1 ...

7.5CVSS7.1AI score0.02863EPSS
Exploits1References5
Total number of security vulnerabilities4136