Lucene search
K
NucleiMost viewed

4136 matches found

Nuclei
Nuclei
added 11 hours ago16 views

LoLLMS WebUI < 9.8 - Path Traversal

parisneo/lollms-webui contains a path traversal caused by improper handling of 'category' parameter in /listpersonalities endpoint, letting attackers list arbitrary directories, exploit requires control over 'category' parameter. id: CVE-2024-4322 info: name: LoLLMS WebUI 9.8 - Path Traversal...

7.5CVSS7.2AI score0.30987EPSS
Exploits1References2
Nuclei
Nuclei
added 11 hours ago16 views

Sunshine Photo Cart <= 3.2.5 - Reflected Cross-Site Scripting

WP Sunshine Sunshine Photo Cart versions up to 3.2.5 contain a reflected cross-site scripting caused by improper input neutralization during web page generation, letting attackers execute malicious scripts in users' browsers, exploit requires attacker to craft malicious input. id: CVE-2024-43971...

7.1CVSS5.8AI score0.00593EPSS
Exploits0References2
Nuclei
Nuclei
added 11 hours ago16 views

The Opal Estate Pro – Property Management <= 1.7.5 - Unauthenticated Privilege Escalation

The Opal Estate Pro plugin ≤ 1.7.5 is vulnerable to privilege escalation. Due to missing role restrictions in the onregisteruser function, users can register with any role. This allows unauthenticated attackers to create administrator accounts. id: CVE-2025-6934 info: name: The Opal Estate Pro –...

9.8CVSS5.9AI score0.22334EPSS
Exploits12References2
Nuclei
Nuclei
added 11 hours ago16 views

Webnus Inc. Modern Events Calendar - Broken Access Control

Webnus Inc. Modern Events Calendar = 7.29.0 contains a broken access control vulnerability caused by incorrectly configured access control security levels, letting attackers bypass authorization, exploit requires no special privileges. id: CVE-2026-32583 info: name: Webnus Inc. Modern Events...

5.3CVSS5.9AI score0.007EPSS
Exploits0References1
Nuclei
Nuclei
added 11 hours ago16 views

WordPress midi-Synth <= 1.1.0 - Unauthenticated Arbitrary File Upload

WordPress midi-Synth plugin \u003C= 1.1.0 contains an unrestricted file upload vulnerability caused by missing file type and extension validation in the 'export' AJAX action, letting unauthenticated attackers upload arbitrary files and potentially execute remote code, exploit requires attacker to...

9.8CVSS6.2AI score0.04458EPSS
Exploits1References1
Nuclei
Nuclei
added 11 hours ago16 views

PHPJabbers Fundraising Script v1.0 - Cross-Site Scripting

PHPJabbers Fundraising Script v1.0 is vulnerable to Cross Site Scripting XSS via the "action" parameter of index.php. id: CVE-2023-40751 info: name: PHPJabbers Fundraising Script v1.0 - Cross-Site Scripting author: ritikchaddha severity: medium description: | PHPJabbers Fundraising Script v1.0 is...

6.1CVSS6.4AI score0.01044EPSS
Exploits0References2
Nuclei
Nuclei
added 11 hours ago16 views

Push Notification for Post and BuddyPress <= 1.93 - SQL Injection

Push Notification for Post and BuddyPress plugin for WordPress is vulnerable to SQL Injection via the 'onesignalexternalid' and 'onesignalgetsubscriptionoptionsid' paramters in all versions up to, and including, 1.93 due to insufficient escaping on the user supplied parameter and lack of sufficie...

9.8CVSS6AI score0.02491EPSS
Exploits1References2
Nuclei
Nuclei
added 11 hours ago16 views

QVIS NVR/DVR - Remote Code Execution

QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java deserialization. id: CVE-2021-41419 info: name: QVIS NVR/DVR - Remote Code Execution author: me9187 severity: critical description: | QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java...

9.8CVSS7.3AI score0.06757EPSS
Exploits1References2
Nuclei
Nuclei
added 11 hours ago16 views

JIRA Workflow Designer Plugin in Atlassian JIRA Server > 6.3.0 - Remote Code Execution (XXE)

The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer, which allows remote attackers to execute arbitrary code, read arbitrary files, or cause a denial of service via a crafted serialized Java object. id: CVE-2017-5983 info: name:...

9.8CVSS7.4AI score0.16239EPSS
Exploits1References2
Nuclei
Nuclei
added 11 hours ago16 views

Spam protection, AntiSpam, FireWall by CleanTalk < 5.153.4 - Unauthenticated Blind SQL Injection

It was possible to exploit an Unauthenticated Time-Based Blind SQL Injection vulnerability in the Spam protection, AntiSpam, FireWall by CleanTalk WordPress Plugin before 5.153.4. The updatelog function in lib/Cleantalk/ApbctWP/Firewall/SFW.php included a vulnerable query that could be injected v...

7.5CVSS7.1AI score0.04691EPSS
Exploits1References2
Nuclei
Nuclei
added 11 hours ago16 views

Complete Online Job Search System 1.0 - Cross-Site Scripting

Complete Online Job Search System 1.0 contains a cross-site scripting vulnerability via index.php?q=advancesearch. id: CVE-2022-29316 info: name: Complete Online Job Search System 1.0 - Cross-Site Scripting author: arafatansari severity: high description: | Complete Online Job Search System 1.0...

9.8CVSS7.1AI score0.03139EPSS
Exploits0References2
Nuclei
Nuclei
added 11 hours ago16 views

Contact Form Generator <= 2.5.5 - Cross-Site Scripting

The Contact Form Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'id' parameter in wp-admin/admin.php in versions up to, and including, 2.5.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

7.1CVSS6.9AI score0.01231EPSS
Exploits3References2
Nuclei
Nuclei
added 11 hours ago16 views

WordPress Frontend File Manager < 4.0 & N-Media Post Frontend < 1.1 - Arbitrary File Upload

The Frontend File Manager plugin 4.0 and N-Media Post Front-end Form plugin 1.1 for WordPress were vulnerable to arbitrary file uploads due to missing file type validation. This allowed unauthenticated attackers to upload arbitrary files and potentially achieve remote code execution. id:...

9.8CVSS6.3AI score0.05515EPSS
Exploits2References5
Nuclei
Nuclei
added 11 hours ago16 views

Drupal 7 CKEditor XSS

CKEditor 4.14.0 through 4.16.x before 4.16.1 contains a reflected cross-site scripting caused by mishandling in comments, letting remote attackers inject executable JavaScript code, exploit requires victim to view malicious content. id: CVE-2021-33829 info: name: Drupal 7 CKEditor XSS author:...

6.1CVSS6.7AI score0.03189EPSS
Exploits0References4
Nuclei
Nuclei
added 11 hours ago16 views

WP Go Maps <= 9.0.29 - Cross-Site Scripting

WP Go Maps formerly WP Google Maps plugin for WordPress versions before 9.0.30 is vulnerable to Reflected Cross-Site Scripting via the 'mapid' parameter in the admin map edit page. id: CVE-2024-29931 info: name: WP Go Maps = 9.0.29 - Cross-Site Scripting author: Shivam Kamboj severity: medium...

7.1CVSS7.2AI score0.00753EPSS
Exploits0References3
Nuclei
Nuclei
added 11 hours ago16 views

ONLYOFFICE Docs (DocumentServer) - Reflected Cross-Site Scripting

ONLYOFFICE Docs DocumentServer = 8.3.1 contains a reflected XSS caused by improper sanitization of crafted HTTP POST requests via the WOPI protocol, letting attackers inject malicious scripts reflected in HTML response, exploit requires crafted POST requests. id: CVE-2025-5301 info: name:...

6.1CVSS6.4AI score0.36306EPSS
Exploits1References5
Nuclei
Nuclei
added 11 hours ago16 views

Pritunl VPN Server 1.29.2145.25 - Username Enumeration

Pritunl 1.29.2145.25 contains a username enumeration issue caused by different error responses in /auth/session login attempts, letting attackers verify valid usernames, exploit requires network access to the login endpoint. id: CVE-2020-25200 info: name: Pritunl VPN Server 1.29.2145.25 - Usernam...

5.3CVSS6.2AI score0.0747EPSS
Exploits1References1
Nuclei
Nuclei
added 11 hours ago16 views

Devika - Local File Inclusion

A local file read vulnerability exists in the stitionai/devika repository, affecting the latest version. The vulnerability is due to improper handling of the 'snapshotpath' parameter in the '/api/get-browser-snapshot' endpoint. An attacker can exploit this vulnerability by crafting a request with...

7.5CVSS7.2AI score0.02073EPSS
Exploits1References3
Nuclei
Nuclei
added 11 hours ago16 views

User Profile Picture < 2.5.0 - Sensitive Information Disclosure

The REST API endpoint getusers in the User Profile Picture WordPress plugin before 2.5.0 returned more information than was required for its functionality to users with the uploadfiles capability. This included password hashes, hashed user activation keys, usernames, emails, and other less...

7.5CVSS7AI score0.04788EPSS
Exploits2References3
Nuclei
Nuclei
added 11 hours ago16 views

Intelbras WRN 150 - Authentication Bypass

Intelbras WRN 150 router is vulnerable to authentication bypass through cookie manipulation. An attacker can bypass authentication and download the router configuration file by manipulating the admin:language cookie. id: CVE-2017-14942 info: name: Intelbras WRN 150 - Authentication Bypass author:...

9.8CVSS6.9AI score0.60857EPSS
Exploits1References2
Nuclei
Nuclei
added 11 hours ago16 views

idcCMS V1.60 - Cross-Site Scripting

idcCMS V1.60 is vulnerable to reflected cross-site scripting XSS via the idName parameter in read.php. Unsanitized user input is reflected in the response, allowing arbitrary JavaScript execution. id: CVE-2024-11587 info: name: idcCMS V1.60 - Cross-Site Scripting author: ritikchaddha severity:...

6.1CVSS5.9AI score0.00886EPSS
Exploits1References2
Nuclei
Nuclei
added 11 hours ago16 views

ArForms < 6.6 - Remote Code Execution

The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a form id: CVE-2024-4620 info: name: ArForms 6.6 - Remote Code Execution autho...

9.8CVSS6AI score0.03345EPSS
Exploits2References1
Nuclei
Nuclei
added 11 hours ago16 views

phpMyFAQ < 3.1.8 - Cross-Site Scripting

phpMyFAQ versions prior to 3.1.8 contain a reflected cross-site scripting vulnerability in the search functionality. The application fails to properly sanitize user input in the search parameter, allowing attackers to inject and execute malicious JavaScript code in the context of other users'...

7.3CVSS6.9AI score0.05743EPSS
Exploits3References3
Nuclei
Nuclei
added 11 hours ago16 views

FastChat - Open Redirect

Detects an open redirect vulnerability in lm-sys/fastchat version 0.2.36, which allows attackers to redirect users to malicious URLs. id: CVE-2024-10908 info: name: FastChat - Open Redirect author: DhiyaneshDK severity: medium description: | Detects an open redirect vulnerability in lm-sys/fastch...

6.1CVSS6.4AI score0.00764EPSS
Exploits1References1
Nuclei
Nuclei
added 11 hours ago16 views

Electrolink FM/DAB/TV Transmitter - Credentials Disclosure

A credential exposure vulnerability in Electrolink 500W, 1kW, 2kW Medium DAB Transmitter Web v01.09, v01.08, v01.07, and Display v1.4, v1.2 allows unauthorized attackers to access credentials in plaintext. id: CVE-2025-28228 info: name: Electrolink FM/DAB/TV Transmitter - Credentials Disclosure...

7.5CVSS6AI score0.01583EPSS
Exploits1References1
Nuclei
Nuclei
added 11 hours ago16 views

Moodle LMS Jmol Plugin <= 6.1 - Cross-Site Scripting

A reflected cross-site scripting XSS vulnerability exists in the Moodle LMS Jmol plugin version 6.1 and prior via the data parameter in jsmol.php. The application fails to properly sanitize user input before embedding it into the HTTP response, allowing an attacker to execute arbitrary JavaScript...

6.1CVSS6AI score0.00626EPSS
Exploits1References2
Nuclei
Nuclei
added 11 hours ago16 views

XWiki <= 17.3.0 - Server-Side Template Injection (SSTI)

XWiki = 17.3.0 contains a server-side template injection caused by improper validation of Apache Velocity template code in the Administration interface HTTP Meta Info field, letting authenticated administrators execute arbitrary template logic. id: CVE-2025-51991 info: name: XWiki = 17.3.0 -...

8.8CVSS7.4AI score0.03366EPSS
Exploits1References2
Nuclei
Nuclei
added 11 hours ago16 views

Duplicate Page WordPress - Stored Cross-Site Scripting

Duplicate Page WordPress plugin = 4.4.2 contains a stored cross-site scripting caused by unsanitized Duplicate Post Suffix settings in output, letting high privilege users execute malicious scripts, exploit requires high privilege user role. id: CVE-2021-24681 info: name: Duplicate Page WordPress...

4.8CVSS5.8AI score0.0087EPSS
Exploits2References3
Nuclei
Nuclei
added 11 hours ago16 views

Peplink Balance Two before 8.4.0 - Unauthenticated Config Upload

A vulnerability in Peplink Balance Two prior to version 8.4.0 allows unauthenticated attackers to modify captive portal configurations due to a missing authorization check. Specifically, attackers can upload files via /guest/portaladminupload.cgi, with the changes reflected at...

8.8CVSS7.2AI score0.0205EPSS
Exploits1References3
Nuclei
Nuclei
added 11 hours ago16 views

XWiki Platform - Path Traversal

XWiki Platform 4.2-milestone-2 through 16.10.6 contains a path traversal caused by improper access control in jsx and sx endpoints, letting remote attackers read configuration files, exploit requires no special privileges. id: CVE-2025-55748 info: name: XWiki Platform - Path Traversal author:...

9.3CVSS7.1AI score0.01639EPSS
Exploits0References3
Nuclei
Nuclei
added 11 hours ago16 views

WeGIA <= 3.6.4 - Remote Code Execution

WeGIA = 3.6.5 contains a remote code execution caused by improper validation of backup file names in the database restoration functionality, letting attackers with administrative access execute arbitrary OS commands id: CVE-2026-28409 info: name: WeGIA = 3.6.4 - Remote Code Execution author:...

10CVSS6.8AI score0.03315EPSS
Exploits1References3
Nuclei
Nuclei
added 11 hours ago16 views

Mailcow < 2026-03b - Href Link Injection

mailcow 2026-03b reflects raw REQUESTURI into JavaScript and href links on the login page, allowing attackers to inject parameters that break JS logic and enable phishing. id: CVE-2026-40878 info: name: Mailcow 2026-03b - Href Link Injection author: ritikchaddha severity: low description: | mailc...

2.1CVSS6AI score0.00805EPSS
Exploits0References3
Nuclei
Nuclei
added 11 hours ago16 views

Flowise 1.4.3 - Arbitrary File Read

Flowise 1.4.3 contains a path traversal caused by lack of sanitization of 'fileName' parameter in /api/v1/openai-assistants-file endpoint in index.ts, letting attackers read arbitrary files, exploit requires attacker to send crafted request. id: CVE-2024-36420 info: name: Flowise 1.4.3 - Arbitrar...

7.5CVSS7.2AI score0.01761EPSS
Exploits3References3
Nuclei
Nuclei
added 11 hours ago16 views

Web-Check < 2.0.1 Screenshot API - OS Command Injection

Lissy93/web-check contains a command injection caused by unsanitized user input in the screenshot API, letting attackers execute arbitrary system commands, exploit requires sending crafted url parameters. id: CVE-2025-32778 info: name: Web-Check 2.0.1 Screenshot API - OS Command Injection author:...

9.3CVSS6.1AI score0.19976EPSS
Exploits4References4
Nuclei
Nuclei
added 11 hours ago16 views

FV Flowplayer Video Player WordPress plugin - Authenticated Cross-Site Scripting

The FV Flowplayer Video Player WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the playerid parameter found in the /view/stats.php file which allows attackers to inject arbitrary web scripts in versions 7.5.0.727 - 7.5.2.727. id: CVE-2021-39350 info: name: FV Flowplayer Video...

6.1CVSS6.5AI score0.02135EPSS
Exploits0References5
Nuclei
Nuclei
added 11 hours ago16 views

Planon <Live Build 41 - Cross-Site Scripting

Planon before Live Build 41 is vulnerable to cross-site scripting. id: CVE-2018-18570 info: name: Planon Live Build 41 - Cross-Site Scripting author: emadshanab severity: medium description: Planon before Live Build 41 is vulnerable to cross-site scripting. impact: | Successful exploitation of th...

6.1CVSS6AI score0.02465EPSS
Exploits1References3
Nuclei
Nuclei
added 11 hours ago16 views

Formidable Form Builder < 2.05.03 - Unauthenticated Information Disclosure

The Formidable Form Builder plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.05.03 via the frmformspreview AJAX action. This makes it possible for unauthenticated attackers to export all of the form entries for a given form. id: CVE-2017-20194 info...

5.3CVSS5.9AI score0.01098EPSS
Exploits1References3
Nuclei
Nuclei
added 11 hours ago16 views

Aquatronica Controller System <= 5.1.6 - Information Disclosure

Aquatronica Controller System firmware 5.1.6 and earlier and web interface 2.0 and earlier contain an information disclosure vulnerability caused by unauthenticated access to tcp.php endpoint, letting remote attackers retrieve sensitive configuration data including plaintext credentials, exploit...

9.3CVSS6AI score0.01443EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday16 views

BMC FootPrints 'feedUrl' - Server-Side Request Forgery

BMC FootPrints versions 20.20.02 through 20.24.01.001 contain a Server-Side Request Forgery SSRF vulnerability in the /footprints/servicedesk/externalfeed/RSS endpoint. The 'feedUrl' parameter allows unauthenticated attackers to force the server to make HTTP requests to arbitrary URLs, enabling...

8.8CVSS6.2AI score0.3436EPSS
Exploits2References3
Nuclei
Nuclei
added yesterday16 views

Teleport - Authentication Bypass

Teleport versions prior to 17.5.2 are vulnerable to a remote authentication bypass vulnerability. This issue allows attackers to gain unauthorized access to affected systems. id: CVE-2025-49825 info: name: Teleport - Authentication Bypass author: pdteam severity: critical description: | Teleport...

9.8CVSS6.5AI score0.07754EPSS
Exploits0References1
Nuclei
Nuclei
added yesterday16 views

Kentico Xperience 13 CMS - Staging Service Authentication Bypass (WT-2025-0011)

Before Kentico Xperience 13 Hotfix 173, this vulnerability can be exploited with any username provided. For Hotfix = 173 and = 173 and 178, this vulnerability can be exploited only if you provide a valid Staging Service username default: admin impact: | Unauthenticated attackers can bypass...

9.8CVSS6.1AI score0.58431EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday16 views

PHPCMS 2008 - Remote Code Execution via Template Injection

PHPCMS 2008 suffers from an unauthenticated RCE via template injection in type.php, where attacker-supplied content is written into a PHP template cache file, which is then executable. id: CVE-2018-19127 info: name: PHPCMS 2008 - Remote Code Execution via Template Injection author: tomaquet18...

9.8CVSS7.2AI score0.20766EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday16 views

Xfilesharing 2.5.1 - Arbitrary File Upload

SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload.This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP. id: CVE-2019-18952 info: name: Xfilesharing 2.5.1 - Arbitrary File Upload...

9.8CVSS7.8AI score0.45361EPSS
Exploits6References3
Nuclei
Nuclei
added yesterday16 views

Blink Router - Command Injection

Blink routers BL-WR9000 V2.4.9 , BL-AC2100AZ3 V1.0.4, BL-X10AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200AT1 v1.0.0, BL-X26AC8 v1.2.8, BLAC450MAE4 v4.0.0 and BL-X26DA3 v1.2.7 were discovered to contain a command injection vulnerability via the bsSetSSIDHide function. id: CVE-2025-45985 info: name: Blin...

9.8CVSS7.2AI score0.07116EPSS
Exploits1References1
Nuclei
Nuclei
added yesterday16 views

PyArrow Flight RPC - Remote Code Execution

PyArrow Flight RPC from v0.14.0 through v14.0.0 allows remote attackers to execute arbitrary code via a maliciously crafted Python-defined extension type. id: CVE-2023-47248 info: name: PyArrow Flight RPC - Remote Code Execution author: smolse severity: critical description: | PyArrow Flight RPC...

9.8CVSS7.3AI score0.14414EPSS
Exploits0References4
Nuclei
Nuclei
added yesterday16 views

Newspaper Theme 6.4–6.7.1 - Privilege Escalation

Newspaper Theme versions 6.4 to 6.7.1 for WordPress lacked proper options access control through tdajaxupdatepanel, which led to a Privilege Escalation vulnerability. id: CVE-2016-10972 info: name: Newspaper Theme 6.4–6.7.1 - Privilege Escalation author: pussycat0x severity: critical description:...

9.8CVSS7.4AI score0.09268EPSS
Exploits1References1
Nuclei
Nuclei
added yesterday16 views

CodeChecker <= 6.24.1 - Authentication Bypass

Authentication bypass occurs when the API URL ends with Authentication, Configuration or ServerInfo. This bypass allows superuser access to all API endpoints other than Authentication. These endpoints include the ability to add, edit, and remove products, among others. id: CVE-2024-10081 info:...

10CVSS6AI score0.40058EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday16 views

KevinLAB BEMS (Building Energy Management System) - Backdoor Account

KevinLAB BEMS has an undocumented backdoor account, and these sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the solution through the RMI. An attacker could exploit this vulnerability by logging in using the backdoor account with highes...

9CVSS7AI score0.06719EPSS
Exploits2References2
Nuclei
Nuclei
added yesterday16 views

Multiple Shipping Address Woocommerce < 2.0 - SQL Injection

The Multiple Shipping Address Woocommerce plugin before 2.0 does not properly sanitize and escape numerous parameters before using them in SQL statements via some AJAX actions available to unauthenticated users, leading to unauthenticated SQL injections. id: CVE-2022-0783 info: name: Multiple...

9.8CVSS7.2AI score0.06849EPSS
Exploits2References2
Nuclei
Nuclei
added 2 days ago16 views

Roundcube Webmail - Cross-Site Scripting

A Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a crafted e-mail message that abuses a Desanitization issue in messagebody in program/actions/mail/show.php. id: CVE-2024-42009 info: name:...

9.3CVSS7.4AI score0.82853EPSS
Exploits6References3
Total number of security vulnerabilities4136