Lucene search
K
NucleiMost viewed

4139 matches found

Nuclei
Nuclei
•added yesterday•28 views

MapTiler Tileserver-php v2.0 - Unauthenticated XSS

MapTiler Tileserver-php v2.0 contains a reflected XSS caused by unencoded reflection of the GET parameter "layer" in an error message, letting unauthenticated attackers execute arbitrary script on victim browsers. id: CVE-2025-44136 info: name: MapTiler Tileserver-php v2.0 - Unauthenticated XSS...

9.8CVSS6.1AI score0.02507EPSS
Exploits2References2
Nuclei
Nuclei
•added yesterday•28 views

Grafana - Exposes DingDing API Keys

An incident occurred where the DingDing alerting integration URL was inadvertently exposed to viewers due to a setting oversight in versions below or equals to 12.0.1. id: CVE-2025-3415 info: name: Grafana - Exposes DingDing API Keys author: lucasribolli severity: medium description: | An inciden...

4.3CVSS6AI score0.0089EPSS
Exploits0References1
Nuclei
Nuclei
•added yesterday•28 views

Netsweeper 4.0.3 - Cross-Site Scripting

A cross-site scripting vulnerability in webadmin/policy/grouptableajax.php/ in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO. id: CVE-2014-9608 info: name: Netsweeper 4.0.3 - Cross-Site Scriptin...

6.1CVSS6.5AI score0.03939EPSS
Exploits1References4
Nuclei
Nuclei
•added yesterday•28 views

LiteLLM - Arbitrary File Read

LiteLLM 1.83.0 contains a broken access control vulnerability caused by lack of admin role enforcement on /config/update endpoint, letting authenticated users modify configurations, execute code, read files, and take over accounts. id: CVE-2026-35029 info: name: LiteLLM - Arbitrary File Read...

8.8CVSS6AI score0.26409EPSS
Exploits2References3
Nuclei
Nuclei
•added yesterday•28 views

WordPress Photoxhibit 2.1.8 - Cross-Site Scripting

WordPress Photoxhibit 2.1.8 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials an...

6.1CVSS6.6AI score0.03558EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•28 views

Apache2 - Transfer-Encoding Chunked XSS

Apache2 PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 contain a reflected cross-site scripting vulnerability caused by mishandling of chunked transfer-encoding requests in sapi/apache2handler/sapiapache2.c. Attackers can execute malicious scripts via crafted...

6.1CVSS6.7AI score0.04103EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•28 views

Ingress-Nginx Controller - Configuration Injection via Unsanitized `auth-url` Annotation

A security issue was discovered in ingress-nginx https-//github.com/kubernetes/ingress-nginx where the auth-url Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets...

8.8CVSS7.2AI score0.31809EPSS
Exploits8References3
Nuclei
Nuclei
•added yesterday•28 views

EasyCVR <=2.1.2 - Information Disclosure

A vulnerability has been found in Anhui Xufan Information Technology EasyCVR up to 2.7.0 and classified as problematic. This vulnerability affects unknown code of the file /api/v1/getbaseconfig. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit ha...

6.9CVSS5AI score0.0112EPSS
Exploits0References1
Nuclei
Nuclei
•added yesterday•28 views

DomainMOD 4.11.01 - Cross-Site Scripting

DomainMOD through version 4.11.01 is vulnerable to cross-site scripting via the /assets/add/ssl-provider.php ssl-provider-name and ssl-provider's-url parameters. id: CVE-2018-20009 info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD...

4.8CVSS6.2AI score0.04428EPSS
Exploits6References5
Nuclei
Nuclei
•added 4 days ago•28 views

Icinga Web 2 - Arbitrary File Disclosure

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including icingaweb2 configuration files with database credentials. id: CVE-2022-24716 info:...

7.5CVSS7AI score0.89378EPSS
Exploits8References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•28 views

Quest KACE System Management Appliance 8.0.318 - Remote Code Execution

The '/common/downloadagentinstaller.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by anonymous users and can be abused to execute arbitrary commands on the system. id: CVE-2018-11138 info: name: Quest KACE System Management Appliance 8.0.318 - Remote Code Executi...

10CVSS8.8AI score0.91931EPSS
Exploits7References4
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•28 views

Cisco ISE - Remote Code Execution

A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability. This vulnerability is due to...

10CVSS9.2AI score0.96732EPSS
Exploits10References3
Nuclei
Nuclei
•added 2026/04/23 11:14 a.m.•28 views

Ajax Load More < 7.6.1 - Unauthenticated Sensitive Information Exposure

The Ajax Load More – Infinite Scroll plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.6.0.2. The plugin's AJAX endpoint wpajaxnoprivalmgetposts allows unauthenticated users to access non-public posts draft, private, pending, future, tras...

5.3CVSS5.7AI score0.00661EPSS
Exploits0References1
Nuclei
Nuclei
•added yesterday•27 views

WordPress <= 6.2 - Server Side Request Forgery

WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCTOU race condition between the validation checks and the HTTP request, attackers can reach internal hosts that are explicitly forbidden. id: CVE-2022-3590 info: name: WordPress = 6.2 - Server Side...

5.9CVSS6.3AI score0.0315EPSS
Exploits5References2
Nuclei
Nuclei
•added yesterday•27 views

Piano LED Visualizer 1.3 - Local File Inclusion

Piano LED Visualizer 1.3 and prior are vulnerable to local file inclusion. id: CVE-2022-24900 info: name: Piano LED Visualizer 1.3 - Local File Inclusion author: 0xAkoko severity: high description: | Piano LED Visualizer 1.3 and prior are vulnerable to local file inclusion. impact: | An attacker...

9.9CVSS7.2AI score0.08038EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•27 views

Wordpress Marmoset Viewer <1.9.3 - Cross-Site Scripting

WordPress Marmoset Viewer plugin before 1.9.3 contains a cross-site scripting vulnerability. It does not property sanitize, validate, or escape the 'id' parameter before outputting back in the page. id: CVE-2021-24495 info: name: Wordpress Marmoset Viewer 1.9.3 - Cross-Site Scripting author:...

6.1CVSS6.3AI score0.02897EPSS
Exploits2References5
Nuclei
Nuclei
•added yesterday•27 views

WordPress Integrator 1.32 - Cross-Site Scripting

A cross-site scripting vulnerability in wp-integrator.php in the WordPress Integrator module 1.32 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirectto parameter to wp-login.php. id: CVE-2012-5913 info: name: WordPress Integrator 1.32 - Cross-Site Scripti...

4.3CVSS6AI score0.08732EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•27 views

WordPress Easy Student Results <=2.2.8 - Improper Authorization

WordPress Easy Student Results plugin through 2.2.8 is susceptible to information disclosure. The plugin lacks authorization in its REST API, which can allow an attacker to retrieve sensitive information related to courses, exams, and departments, as well as student grades and information such as...

7.5CVSS7AI score0.02801EPSS
Exploits2References5
Nuclei
Nuclei
•added yesterday•27 views

DotNetNuke 9.2 - 9.2.2 - Weak Encryption & Cookie Deserialization

DNN DotNetNuke versions 9.2 through 9.2.2 use a weak encryption algorithm to protect input parameters because of an incomplete fix for CVE-2018-15811. This cryptographic weakness enables attackers to craft malicious DNNPersonalization cookies that can be deserialized, leading to remote code...

7.5CVSS7.3AI score0.74048EPSS
Exploits5References5
Nuclei
Nuclei
•added yesterday•27 views

Joomla! Component LoginBox - Local File Inclusion

A directory traversal vulnerability in the LoginBox Pro comloginbox component for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the view parameter to index.php. id: CVE-2010-1353 info: name: Joomla! Component LoginBox - Local File Inclusion author: daffainfo severity...

5CVSS6.1AI score0.19192EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•27 views

Joomla! Component Picasa 2.0 - Local File Inclusion

A directory traversal vulnerability in the Picasa comjoomlapicasa2 component 2.0 and 2.0.5 for Joomla! allows remote attackers to read arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1306 info: name: Joomla! Component Picasa 2.0 - Local File Inclusion...

7.5CVSS6.1AI score0.15722EPSS
Exploits1References4
Nuclei
Nuclei
•added yesterday•27 views

Joomla! Component JRadio - Local File Inclusion

A directory traversal vulnerability in JRadio comjradio component before 1.5.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. id: CVE-2010-4719 info: name: Joomla! Component JRadio - Local File Inclusion...

7.5CVSS6.1AI score0.15786EPSS
Exploits2References5
Nuclei
Nuclei
•added yesterday•27 views

Flexible Checkout Fields for WooCommerce <= 2.3.1 - Unauthenticated Arbitrary Plugin Settings Update

The Flexible Checkout Fields for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Arbitrary Plugin Settings update, in addition to Stored Cross-Site Scripting in versions up to, and including, 2.3.1. This is due to missing authorization checks on the updateSettingsAction function...

9.8CVSS7AI score0.54754EPSS
Exploits6References3
Nuclei
Nuclei
•added yesterday•27 views

Joomla! Component ZiMBCore 0.1 - Local File Inclusion

A directory traversal vulnerability in the ZiMB Core aka ZiMBCore or comzimbcore component 0.1 in the ZiMB Manager collection for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id:...

7.5CVSS6.1AI score0.07402EPSS
Exploits1References4
Nuclei
Nuclei
•added yesterday•27 views

Enigma NMS < 65.0.0 - Authenticated OS Command Injection

An OS command injection vulnerability in the discoverandmanage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows an authenticated attacker to execute arbitrary code because of improper neutralization of shell metacharacters in the ipaddress variable within an snmpbrowser action. id:...

10CVSS7.5AI score0.25279EPSS
Exploits5References3
Nuclei
Nuclei
•added yesterday•27 views

Cockpit < 2.4.1 - Arbitrary File Upload

Versions of the package cockpit-hq/cockpit before 2.4.1 are vulnerable to Arbitrary File Upload where an attacker can use different extensions to bypass the upload filter. id: CVE-2025-1025 info: name: Cockpit 2.4.1 - Arbitrary File Upload author: iamnoooob,rootxharsh,pdresearch severity: high...

8.7CVSS7.1AI score0.18583EPSS
Exploits0References2
Nuclei
Nuclei
•added yesterday•27 views

IP2Location Country Blocker < 2.38.9 - Unauthenticated Information Disclosure

IP2Location Country Blocker plugin for WordPress up to version 2.38.8 contains a regular information exposure caused by missing capability checks on admininit, letting unauthenticated attackers view plugin settings, exploit requires no special conditions. id: CVE-2025-1361 info: name: IP2Location...

7.5CVSS7.1AI score0.01278EPSS
Exploits0References3
Nuclei
Nuclei
•added yesterday•27 views

AdPush < 1.44 - Cross-Site Scripting

The adsense-plugin aka Google AdSense plugin before 1.44 for WordPress has multiple XSS issues. id: CVE-2017-18487 info: name: AdPush 1.44 - Cross-Site Scripting author: luisfelipe146 severity: medium description: | The adsense-plugin aka Google AdSense plugin before 1.44 for WordPress has multip...

6.1CVSS6.4AI score0.01464EPSS
Exploits1References4
Nuclei
Nuclei
•added yesterday•27 views

Prime Mover < 1.9.3 - Sensitive Data Exposure

Prime Mover plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.2 via directory listing in the 'prime-mover-export-files/1/' folder. This makes it possible for unauthenticated attackers to extract sensitive data including site and...

7.5CVSS6.9AI score0.39867EPSS
Exploits1References3
Nuclei
Nuclei
•added yesterday•27 views

Woo Inquiry <= 0.1 - SQL Injection

The Woo Inquiry plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 0.1 due to insufficient escaping on the user supplied parameter 'dbid' and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to...

10CVSS6AI score0.04317EPSS
Exploits1References3
Nuclei
Nuclei
•added yesterday•27 views

Cross RSS 1.7 - Local File Inclusion

Absolute path traversal vulnerability in Cross-RSS wp-cross-rss plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a full pathname in the rss parameter to proxy.php. id: CVE-2014-4941 info: name: Cross RSS 1.7 - Local File Inclusion author: DhiyaneshDK severity: medium...

5CVSS7.4AI score0.04306EPSS
Exploits1References3
Nuclei
Nuclei
•added yesterday•27 views

Joomla! Component Canteen 1.0 - Local File Inclusion

A SQL injection vulnerability in menu.php in the Canteen comcanteen component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the mealid parameter to index.php. id: CVE-2010-4977 info: name: Joomla! Component Canteen 1.0 - Local File Inclusion author: daffainfo...

7.5CVSS6.3AI score0.15251EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•27 views

WebGlimpse 2.18.7 - Directory Traversal

A directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbitrary files via a .. dot dot in the DOC parameter. id: CVE-2009-5114 info: name: WebGlimpse 2.18.7 - Directory Traversal author: daffainfo severity: medium description: A...

5CVSS6.1AI score0.13653EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•27 views

Cockpit - Cross-Site Scripting

Cross-site Scripting XSS - Reflected in GitHub repository cockpit-hq/cockpit prior to 2.6.4. id: CVE-2023-4451 info: name: Cockpit - Cross-Site Scripting author: iamnoooob,pdresearch severity: medium description: | Cross-site Scripting XSS - Reflected in GitHub repository cockpit-hq/cockpit prior...

6.1CVSS6.4AI score0.02268EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•27 views

LearnPress < 4.3.2 - Broken Access Control

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the statistic function in all versions up to, and including, 4.3.1. This makes it possible for unauthenticated attackers to view the plugin's orders...

5.3CVSS5.9AI score0.00917EPSS
Exploits0References2
Nuclei
Nuclei
•added yesterday•27 views

Apache Unomi <1.5.2 - Remote Code Execution

Apache Unomi allows conditions to use OGNL and MVEL scripting which offers the possibility to call static Java classes from the JDK that could execute code with the permission level of the running Java process. This vulnerability affects all versions of Apache Unomi prior to 1.5.2. id:...

9.8CVSS7.3AI score0.68398EPSS
Exploits9References5
Nuclei
Nuclei
•added yesterday•27 views

Microweber < V.2.0 - Cross-Site Scripting

Reflected Cross-Site Scripting Vulnerability in types GET parameter on the /editortools/rteimageeditor endpoint. id: CVE-2023-5244 info: name: Microweber V.2.0 - Cross-Site Scripting author: r3Y3r53 severity: medium description: | Reflected Cross-Site Scripting Vulnerability in types GET paramete...

6.1CVSS6AI score0.01061EPSS
Exploits0References5
Nuclei
Nuclei
•added yesterday•27 views

IceWarp Webmail Server v10.2.1 - Cross Site Scripting

Icewarp Icearp v10.2.1 was discovered to contain a cross-site scripting XSS vulnerability via the color parameter. id: CVE-2023-37728 info: name: IceWarp Webmail Server v10.2.1 - Cross Site Scripting author: technicaljunkie,r3Y3r53 severity: medium description: | Icewarp Icearp v10.2.1 was...

6.1CVSS6.3AI score0.01116EPSS
Exploits0References5
Nuclei
Nuclei
•added yesterday•27 views

Swim Team <= v1.44.10777 - Local File Inclusion

The program /wp-swimteam/include/user/download.php allows unauthenticated attackers to retrieve arbitrary files from the system. id: CVE-2015-5471 info: name: Swim Team = v1.44.10777 - Local File Inclusion author: 0xAkoko severity: medium description: The program...

5.3CVSS6.6AI score0.32714EPSS
Exploits2References5
Nuclei
Nuclei
•added yesterday•27 views

LolLMS < 2.2.0 - Server-Side Request Forgery

A Server-Side Request Forgery SSRF vulnerability exists in parisneo/lollms versions prior to 2.2.0. The /api/files/export-content endpoint processes Markdown image URLs by downloading them via downloadimagetotemp in backend/routers/files.py without any validation, allowing an unauthenticated...

7.5CVSS7.5AI score0.01765EPSS
Exploits1References3
Nuclei
Nuclei
•added yesterday•27 views

WordPress Plugin Tera Charts - Local File Inclusion

Multiple local file inclusion vulnerabilities in Tera Charts tera-charts plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. dot dot in the fn parameter to 1 charts/treemap.php or 2 charts/zoomabletreemap.php. id: CVE-2014-4940 info: name: WordPress Plugin Tera Charts...

5CVSS7.3AI score0.18734EPSS
Exploits2References4
Nuclei
Nuclei
•added yesterday•27 views

XXL-JOB v2.2.0 — Stored Cross Site Scripting

Multiple cross-site scripting XSS vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via 1 AppName and 2AddressList parameter in JobGroupController.java file. id: CVE-2020-23814 info: name: XXL-JOB v2.2.0 — Stored Cross Site Scripting author:...

6.1CVSS6.5AI score0.01188EPSS
Exploits1References2
Nuclei
Nuclei
•added 2 days ago•27 views

AudioCodes 420HD - Remote Code Execution

AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow remote code execution. id: CVE-2018-10093 info: name: AudioCodes 420HD - Remote Code Execution author: wisnupramoedya severity: high description: | AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow...

9CVSS7.5AI score0.6819EPSS
Exploits5References5
Nuclei
Nuclei
•added 3 days ago•27 views

Open Web Analytics 1.7.3 - Remote Code Execution

Open Web Analytics OWA before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '?php instead of the intended "?php sequence aren't handled by the PH...

9.8CVSS7.2AI score0.99134EPSS
Exploits14References5
Nuclei
Nuclei
•added 3 days ago•27 views

QNAP Photo Station - Path Traversal

QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files. id: CVE-2019-7195 info: name: QNAP Photo Station - Path Traversal author: s4e-io severity: critical description: | QNAP devices running Pho...

9.8CVSS7.2AI score0.89681EPSS
Exploits10References6
Nuclei
Nuclei
•added 4 days ago•27 views

Axigen Mail Server Filename Directory Traversal

Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. dot dot in the fileName parameter in a download action to source/loggin/pagelogdwnfile.hsp, or the fileName parameter in an edi...

6.4CVSS6.1AI score0.83632EPSS
Exploits3References4
Nuclei
Nuclei
•added 4 days ago•27 views

LiteLLM - SQL Injection

LiteLLM 1.81.16 to 1.83.7 contains a SQL injection caused by improper handling of caller-supplied key in database query during proxy API key checks, letting unauthenticated attackers read and modify database data, exploit requires crafted Authorization header. id: CVE-2026-42208 info: name: LiteL...

9.8CVSS6.2AI score0.86607EPSS
Exploits7References3
Nuclei
Nuclei
•added 2026/06/26 6:13 p.m.•27 views

Majordomo2 - SMTP/HTTP Directory Traversal

A directory traversal vulnerability in the listfileget function in lib/Majordomo.pm in Majordomo 2 before 20110131 allows remote attackers to read arbitrary files via .. dot dot sequences in the help command, as demonstrated using 1 a crafted email and 2 cgi-bin/mjwwwusr in the web interface. id:...

5CVSS7.8AI score0.95388EPSS
Exploits10References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•27 views

Windows Server Update Service - Insecure Deserialization

Windows Server Update Service contains an insecure deserialization vulnerability caused by deserialization of untrusted data. An unauthorized attacker with network access can exploit this to execute arbitrary code remotely, potentially leading to full system compromise. id: CVE-2025-59287 info:...

9.8CVSS8.9AI score0.99962EPSS
Exploits24References5
Nuclei
Nuclei
•added 2026/04/30 5:10 a.m.•27 views

ZTE ZXHN-F660T/F660A - Default Credentials

ZXHN-F660T and ZXHN-F660A provided by ZTE Japan K.K. use a common credential for all installations. With the knowledge of the credential, an attacker may log in to the affected devices. id: CVE-2025-53558 info: name: ZTE ZXHN-F660T/F660A - Default Credentials author: DhiyaneshDK severity: high...

8.8CVSS8AI score0.0135EPSS
Exploits0References2
Total number of security vulnerabilities4139