Lucene search
K
NucleiMost viewed

4139 matches found

Nuclei
Nuclei
added 17 hours ago193 views

Oracle Business Intelligence Publisher - XML External Entity Injection

Oracle Business Intelligence Publisher is vulnerable to an XML external entity injection attack. The supported versions affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability allows unauthenticated attackers with network access via HTTP to compromise BI Publishe...

7.2CVSS7.1AI score0.05238EPSS
Exploits0References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.193 views

strapi CMS <3.0.0-beta.17.5 - Admin Password Reset

strapi CMS before 3.0.0-beta.17.5 allows admin password resets because it mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js. id: CVE-2019-18818 info: name: strapi CMS 3.0.0-beta.17.5 - Admin Password Reset...

9.8CVSS8.2AI score0.97639EPSS
Exploits13References5
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.192 views

Odoo - Cross-Site Scripting

Odoo is a business suite that has features for many business-critical areas, such as e-commerce, billing, or CRM. Versions before the 16.0 release are vulnerable to CVE-2023-1434 and is caused by an incorrect content type being set on an API endpoint. id: CVE-2023-1434 info: name: Odoo - Cross-Si...

6.9AI score
Exploits0References2
Nuclei
Nuclei
added 17 hours ago191 views

Prestashop AttributeWizardPro Module - Arbitrary File Upload

In the Attribute Wizard addon 1.6.9 for PrestaShop allows remote attackers to execute arbitrary code by uploading a php file. id: CVE-2018-10942 info: name: Prestashop AttributeWizardPro Module - Arbitrary File Upload author: MaStErChO severity: critical description: | In the Attribute Wizard add...

9.8CVSS7.6AI score0.12744EPSS
Exploits1References3
Nuclei
Nuclei
added 17 hours ago191 views

D-Link DIR850 ET850-1.08TRb03 - Open Redirect

DLink DIR850 ET850-1.08TRb03 contains incorrect access control vulnerability in URL redirection, which can be used to mislead users to go to untrusted sites. id: CVE-2021-46379 info: name: D-Link DIR850 ET850-1.08TRb03 - Open Redirect author: 0xAkoko severity: medium description: DLink DIR850...

6.1CVSS6.7AI score0.15701EPSS
Exploits4References5
Nuclei
Nuclei
added yesterday191 views

XML-RPC Server - Remote Code Execution

The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisor namespace lookups. id: CVE-2017-11610 info: name: XML-RPC Serve...

9CVSS7.5AI score0.87544EPSS
Exploits10References5
Nuclei
Nuclei
added yesterday191 views

WordPress Secure Copy Content Protection and Content Locking <2.8.2 - SQL Injection

WordPress Secure Copy Content Protection and Content Locking plugin before 2.8.2 contains a SQL injection vulnerability. The plugin does not escape the sccpid parameter of the ayssccpresultsexportfile AJAX action, available to both unauthenticated and authenticated users, before using it in a SQL...

9.8CVSS7.3AI score0.78812EPSS
Exploits7References4
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.191 views

Drupal SQL Injection

The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing specially crafted keys. id: CVE-2014-3704 info: name: Drupal SQL...

7.5CVSS7.2AI score0.99974EPSS
Exploits20References7
Nuclei
Nuclei
added 17 hours ago190 views

pyload-ng js2py - Remote Code Execution

An issue in the component js2py.disablepyimport of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call. id: CVE-2024-28397 info: name: pyload-ng js2py - Remote Code Execution author: iamnoooob,rootxharsh,pdresearch severity: medium description: | An issue in the...

5.3CVSS7.1AI score0.04548EPSS
Exploits22References2
Nuclei
Nuclei
added yesterday190 views

PaperCut NG Unauthenticated XMLRPC Functionality

PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch. id: CVE-2023-4568 info: name: PaperCut NG Unauthenticated XMLRPC Functionality...

6.5CVSS6.6AI score0.03568EPSS
Exploits2References2
Nuclei
Nuclei
added 5 days ago190 views

Apache Druid - Local File Inclusion

Apache Druid ingestion system is vulnerable to local file inclusion. The InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of t...

6.5CVSS6.4AI score0.81038EPSS
Exploits3References5
Nuclei
Nuclei
added 17 hours ago189 views

MasterStudy LMS <= 3.3.3 - Unauthenticated Local File Inclusion via template

The MasterStudy LMS plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.3 via the 'template' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP cod...

9.8CVSS7.8AI score0.05018EPSS
Exploits0References5
Nuclei
Nuclei
added 5 days ago189 views

Apache OFBiz < 18.12.11 - Server Side Request Forgery

Arbitrary file properties reading vulnerability in Apache Software Foundation Apache OFBiz when user operates an uri call without authorizations. The same uri can be operated to realize a SSRF attack also without authorizations. Users are recommended to upgrade to version 18.12.11, which fixes th...

7.5CVSS7AI score0.63373EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday188 views

.NET Framework - Leaking ObjRefs via HTTP .NET Remoting

.NET Framework Information Disclosure Vulnerability id: CVE-2024-29059 info: name: .NET Framework - Leaking ObjRefs via HTTP .NET Remoting author: iamnoooob,rootxharsh,DhiyaneshDk,pdresearch severity: high description: .NET Framework Information Disclosure Vulnerability impact: | Attackers can...

7.5CVSS7.2AI score0.98624EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday188 views

Adobe ColdFusion WDDX Deserialization Gadgets

Adobe ColdFusion versions 2023.5 and earlier and 2021.11 and earlier are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction. id: CVE-2023-44353 info: name: Adobe ColdFusion WDDX...

9.8CVSS7.4AI score0.80178EPSS
Exploits0References5
Nuclei
Nuclei
added 2026/06/25 1:31 a.m.188 views

Oracle WebLogic Server - Remote Command Execution

The Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent - WLS Security is susceptible to remote command execution. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. This easily exploitable vulnerability allows unauthenticated attacke...

7.5CVSS7.5AI score0.99993EPSS
Exploits45References5
Nuclei
Nuclei
added 17 hours ago187 views

XWiki >= 6.2-milestone-1 - Cross-Site Scripting

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page XSS. It's possible to exploit the DeleteApplication page to perform a XSS, e.g. by using URL such as:...

9.6CVSS6.3AI score0.02377EPSS
Exploits0References2
Nuclei
Nuclei
added 17 hours ago187 views

PrestaShop AdvancedPopupCreator - SQL Injection

In the module “Advanced Popup Creator” advancedpopupcreator from Idnovate for PrestaShop, a guest can perform SQL injection in affected versions. id: CVE-2023-27032 info: name: PrestaShop AdvancedPopupCreator - SQL Injection author: MaStErChO severity: critical description: | In the module...

9.8CVSS7.2AI score0.0304EPSS
Exploits0References2
Nuclei
Nuclei
added 17 hours ago187 views

D-Link - Remote Command Execution

A Remote Command Execution RCE vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file id: CVE-2021-45382 info: name: D-Link - Remote Command Execution author: king-alexander severity: critic...

10CVSS7.4AI score0.97836EPSS
Exploits1References5
Nuclei
Nuclei
added 17 hours ago186 views

SAP Knowledge Warehouse <=7.5.0 - Cross-Site Scripting

SAP Knowledge Warehouse 7.30, 7.31, 7.40, and 7.50 contain a reflected cross-site scripting vulnerability via the usage of one SAP KW component within a web browser. id: CVE-2021-42063 info: name: SAP Knowledge Warehouse =7.5.1 to mitigate the XSS vulnerability. reference: -...

6.1CVSS6.8AI score0.22318EPSS
Exploits3References5
Nuclei
Nuclei
added 17 hours ago186 views

PerkinElmer ProcessPlus <= 1.11.6507.0 - Local File Inclusion

Files on the Windows system are accessible without authentication to external parties due to a local file inclusion in PerkinElmer ProcessPlus.This issue affects ProcessPlus through 1.11.6507.0. id: CVE-2024-6911 info: name: PerkinElmer ProcessPlus = 1.11.6507.0 - Local File Inclusion author:...

8.7CVSS7.2AI score0.04944EPSS
Exploits2References4
Nuclei
Nuclei
added 17 hours ago185 views

mooSocial 3.1.8 - External Service Interaction

mooSocial 3.1.8 is vulnerable to external service interaction via multiple parameters in the post function. id: CVE-2023-43323 info: name: mooSocial 3.1.8 - External Service Interaction author: ritikchaddha severity: medium description: | mooSocial 3.1.8 is vulnerable to external service...

6.5CVSS6.6AI score0.0186EPSS
Exploits2References3
Nuclei
Nuclei
added yesterday185 views

Ivanti EPM Cloud Services Appliance Code Injection

Ivanti EPM Cloud Services Appliance CSA before version 4.6.0-512 is susceptible to a code injection vulnerability because it allows an unauthenticated user to execute arbitrary code with limited permissions nobody. id: CVE-2021-44529 info: name: Ivanti EPM Cloud Services Appliance Code Injection...

9.8CVSS7.7AI score0.99105EPSS
Exploits9References5
Nuclei
Nuclei
added 2026/06/25 1:31 a.m.185 views

Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation

Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit users documents with duplicate keysfor 'roles' used for access control within the database, including the special case 'admin' role, th...

10CVSS7.4AI score0.99838EPSS
Exploits21References5
Nuclei
Nuclei
added 17 hours ago183 views

Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)

The Defender Security WordPress plugin before 4.1.0 does not prevent redirects to the login page via the authredirect WordPress function, allowing an unauthenticated visitor to access the login page, even when the hide login page functionality of the plugin is enabled. id: CVE-2023-5089 info: nam...

5.3CVSS6.1AI score0.02235EPSS
Exploits3References3
Nuclei
Nuclei
added 17 hours ago183 views

Honeywell PM43 Printers - Command Injection

Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM Printer web page modules allows Command Injection.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 e.g. P10.19.050006 id:...

9.9CVSS7.2AI score0.33094EPSS
Exploits3References5
Nuclei
Nuclei
added yesterday183 views

Tenda 11N - Authentication Bypass

Tenda 11N with firmware version V5.07.33cn contains an authentication bypass vulnerability. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-42233 info: name: Tenda 11N -...

9.8CVSS7.2AI score0.42704EPSS
Exploits1References5
Nuclei
Nuclei
added 5 days ago183 views

DotNetNuke 07.04.00 - Administration Authentication Bypass

The installation wizard in DotNetNuke DNN before 7.4.1 allows remote attackers to reinstall the application and gain SuperUser access via a direct request to Install/InstallWizard.aspx. id: CVE-2015-2794 info: name: DotNetNuke 07.04.00 - Administration Authentication Bypass author: 0xr2r severity...

9.8CVSS7.2AI score0.74552EPSS
Exploits4References5
Nuclei
Nuclei
added yesterday182 views

QNAP QTS Photo Station External Reference - Local File Inclusion

QNAP QTS Photo Station External Reference is vulnerable to local file inclusion via an externally controlled reference to a resource vulnerability. If exploited, this could allow an attacker to modify system files. The vulnerability is fixed in the following versions: QTS 5.0.1: Photo Station 6.1...

10CVSS7.1AI score0.87908EPSS
Exploits0
Nuclei
Nuclei
added 5 days ago182 views

Jfrog Artifactory <6.17.0 - Default Admin Password

Jfrog Artifactory prior to 6.17.0 uses default passwords such as "password" for administrative accounts and does not require users to change them. This may allow unauthorized network-based attackers to completely compromise of Jfrog Artifactory. id: CVE-2019-17444 info: name: Jfrog Artifactory...

9.8CVSS7.2AI score0.69445EPSS
Exploits0References4
Nuclei
Nuclei
added 6 days ago182 views

Zimbra Collaboration Suite 8.8.15/9.0 - Remote Code Execution

Zimbra Collaboration Suite ZCS 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing authentication i.e., not having an authtoken, an attacker can upload arbitrary files to the system, leading to directory traversal and remote code...

9.8CVSS7.9AI score0.98234EPSS
Exploits16References5
Nuclei
Nuclei
added 6 days ago182 views

Apache HTTP server v2.4.0 to v2.4.39 - Open Redirect

In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL. id: CVE-2019-10098 info: name: Apache HTTP server v2.4.0 to v2.4.39 - Open...

6.1CVSS6.6AI score0.73981EPSS
Exploits1References6
Nuclei
Nuclei
added 17 hours ago181 views

SonarQube - Authentication Bypass

SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settings/values URI. id: CVE-2020-27986 info: name: SonarQube - Authentication Bypass author: pikpikcu severity: high description: | SonarQube 8.4.2.36762 allows remote attackers to...

8.8CVSS7.1AI score0.16183EPSS
Exploits0References5
Nuclei
Nuclei
added 17 hours ago181 views

Deep Sea Electronics DSE855 - Authentication Bypass

Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...

6.5CVSS6.5AI score0.02418EPSS
Exploits3References3
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.181 views

MobileIron Core - Remote Unauthenticated API Access

Ivanti Endpoint Manager Mobile EPMM, formerly MobileIron Core, Since CVE-2023-35082 arises from the same place as CVE-2023-35078, specifically the permissive nature of certain entries in the mifs web application’s security filter chain. id: CVE-2023-35082 info: name: MobileIron Core - Remote...

10CVSS8.7AI score0.99999EPSS
Exploits2References5
Nuclei
Nuclei
added 17 hours ago180 views

qdPM 9.2 - Directory Traversal

qdPM 9.2 allows Directory Traversal to list files and directories by navigating to the /uploads URI. id: CVE-2023-45855 info: name: qdPM 9.2 - Directory Traversal author: DhiyaneshDk severity: high description: | qdPM 9.2 allows Directory Traversal to list files and directories by navigating to t...

7.5CVSS7.1AI score0.0333EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday180 views

Studio-42 elFinder <2.1.60 - Arbitrary File Upload

Studio-42 elFinder 2.0.4 to 2.1.59 is vulnerable to unauthenticated file upload via connector.minimal.php which could allow a remote user to upload arbitrary files and execute PHP code. id: CVE-2021-43421 info: name: Studio-42 elFinder 2.1.60 - Arbitrary File Upload author: akincibor severity:...

9.8CVSS7.4AI score0.42781EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday180 views

Cacti cmd_realtime.php - Command Injection

Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary command on the server when registerargcargv option of PHP is On. In cmdrealtime.php line 119, the $pollerid used ...

10CVSS7.7AI score0.94294EPSS
Exploits4References5
Nuclei
Nuclei
added 2026/06/25 5:45 a.m.180 views

SAP NetWeaver Visual Composer Metadata Uploader - Deserialization

SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availabili...

10CVSS7.4AI score0.99359EPSS
Exploits18References4
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.180 views

Webmin <= 1.920 - Unauthenticated Remote Command Execution

Webmin =1.920. is vulnerable to an unauthenticated remote command execution via the parameter 'old' in passwordchange.cgi. id: CVE-2019-15107 info: name: Webmin = 1.920 - Unauthenticated Remote Command Execution author: bp0lr severity: critical description: Webmin =1.920. is vulnerable to an...

10CVSS8.9AI score0.99766EPSS
Exploits37References5
Nuclei
Nuclei
added yesterday179 views

GLPI 10.0.10-10.0.14 - SQL Injection

GLPI is a Free Asset and IT Management Software package. Prior to 10.0.15, an authenticated user can exploit a SQL injection vulnerability in the saved searches feature to alter another user account data take control of it. id: CVE-2024-29889 info: name: GLPI 10.0.10-10.0.14 - SQL Injection autho...

8.1CVSS7.2AI score0.6296EPSS
Exploits0References2
Nuclei
Nuclei
added 17 hours ago178 views

AJ-Report < 1.4.1 - Remote Code Execution

AJ-Report before version 1.4.1 is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java code on the victim server through script engine injection in the validation rul...

9.8CVSS6.3AI score0.51468EPSS
Exploits1References4
Nuclei
Nuclei
added 5 days ago178 views

ManageEngine OpManager - Directory Traversal

A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability. id: CVE-2023-47211 info: name: ManageEngine...

9.1CVSS7.3AI score0.47024EPSS
Exploits1References3
Nuclei
Nuclei
added 17 hours ago177 views

Zeit Next.js < 4.2.3 - Local File Inclusion

Zeit Next.js before 4.2.3 is susceptible to local file inclusion under the /next request namespace. An attacker can obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2018-6184 info: name: Zeit Next.js =4.2...

7.5CVSS7.1AI score0.0906EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday177 views

Jolokia Agent - JNDI Code Injection

Jolokia agent is vulnerable to a JNDI injection vulnerability that allows a remote attacker to run arbitrary Java code on the server when the agent is in proxy mode. id: CVE-2018-1000130 info: name: Jolokia Agent - JNDI Code Injection author: milo2012 severity: high description: | Jolokia agent i...

8.1CVSS7.5AI score0.73566EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday177 views

Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Upload

TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats. id: CVE-2021-45428 info: name: Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Upload author: gy741 severity: critical descriptio...

9.8CVSS7.3AI score0.56931EPSS
Exploits5References5
Nuclei
Nuclei
added 6 days ago176 views

WP Fastest Cache 1.2.2 - SQL Injection

The WP Fastest Cache WordPress plugin before 1.2.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users. id: CVE-2023-6063 info: name: WP Fastest Cache 1.2.2 - SQL Injection author: DhiyaneshDK...

7.5CVSS7.2AI score0.73708EPSS
Exploits11References5
Nuclei
Nuclei
added 2026/06/25 1:31 a.m.176 views

Oracle WebLogic Server - Remote Code Execution

Oracle WebLogic Server Oracle Fusion Middleware component: WLS Core Components is susceptible to a remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 2.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability could allow unauthenticated...

9.8CVSS8.1AI score0.93168EPSS
Exploits18References5
Nuclei
Nuclei
added 17 hours ago175 views

Netmaker - Hardcoded DNS Secret Key

Netmaker makes networks with WireGuard. Prior to versions 0.17.1 and 0.18.6, hardcoded DNS key usage has been found in Netmaker allowing unauth users to interact with DNS API endpoints. id: CVE-2023-32077 info: name: Netmaker - Hardcoded DNS Secret Key author: iamnoooob,rootxharsh,pdresearch...

7.5CVSS6.9AI score0.03147EPSS
Exploits0
Nuclei
Nuclei
added yesterday175 views

LearnPress <= 4.2.5.7 - SQL Injection

The LearnPress plugin for WordPress is vulnerable to time-based SQL Injection via the 'orderby' parameter in all versions up to, and including, 4.2.5.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

9.8CVSS7.1AI score0.51394EPSS
Exploits1References5
Total number of security vulnerabilities4139