Lucene search
K
NucleiMost viewed

4136 matches found

Nuclei
Nuclei
•added yesterday•6 views

Payara Server - Cross-Site Scripting

Payara Server versions 4.1.2.191.54, 5.83.0, 6.34.0, and 7.2026.1 contain a stored XSS vulnerability caused by improper input sanitization in the REST Management Interface. This allows attackers to mislead administrators into changing the admin password via a URL payload; however, the exploit...

9.3CVSS5.9AI score0.01002EPSS
Exploits1References3
Nuclei
Nuclei
•added yesterday•6 views

Letta Letta 0.7.12 - Remote Code Execution

Letta 0.7.12 is vulnerable to remote code execution via POST /v1/tools/run in letta.server.restapi.routers.v1.tools.runtoolfromsource, allowing attackers to execute arbitrary Python and OS commands via crafted tool source code. id: CVE-2025-51482 info: name: Letta Letta 0.7.12 - Remote Code...

8.8CVSS6.8AI score0.01862EPSS
Exploits1References4
Nuclei
Nuclei
•added yesterday•6 views

Python Flask-Security-Too <=5.3.2 - Open Redirect

An open redirect vulnerability exists in the python package Flask-Security-Too prior to version 5.3.3. Attackers can abuse the 'next' parameter on the /login and /register routes to redirect unsuspecting users to malicious sites via crafted URLs, which could lead to phishing or other attacks NVD...

6.1CVSS6.3AI score0.01079EPSS
Exploits1References4
Nuclei
Nuclei
•added yesterday•6 views

WordPress Stray Random Quotes <= 1.9.9 - Cross-Site Scripting

Stray Random Quotes WordPress plugin = 1.9.9 contains a reflected cross-site scripting caused by a lack of sanitization and escaping of a parameter before output, letting attackers execute malicious scripts in the context of high privilege users, exploit requires attacker to craft a malicious URL...

6.1CVSS7.1AI score0.00564EPSS
Exploits1References2
Nuclei
Nuclei
•added yesterday•6 views

WordPress Competition Form Plugin <= 2.0 - Cross-Site Scripting

Competition Form WordPress plugin = 2.0 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires victim to visit a...

7.1CVSS7.1AI score0.00566EPSS
Exploits1References2
Nuclei
Nuclei
•added yesterday•6 views

WP Travel Engine <= 5.7.9 - SQL Injection

WP Travel Engine 5.7.9 and earlier contains a SQL injection caused by improper neutralization of special elements used in an SQL command, letting attackers execute arbitrary SQL queries, exploit requires user interaction. id: CVE-2024-30502 info: name: WP Travel Engine = 5.7.9 - SQL Injection...

9.8CVSS7.4AI score0.02267EPSS
Exploits0References4
Nuclei
Nuclei
•added 4 days ago•6 views

Mitel 6000 - OS Command Injection

A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones through 6.4 SP4 R6.4.0.4006, and the 6970 Conference Unit through 6.4 SP4 R6.4.0.4006 or version V1 R0.1.0, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient paramete...

6.5CVSS7.3AI score0.48492EPSS
Exploits0References2
Nuclei
Nuclei
•added 2026/04/09 11:29 a.m.•6 views

WordPress Clean Login <= 1.14.5 Authenticated (Contributor+) - Local File Inclusion

The Clean Login plugin for WordPress up to version 1.14.5 contains a path traversal caused by the 'template' attribute in the clean-login-register shortcode, letting authenticated attackers with contributor access include and execute arbitrary files, exploit requires attacker to have contributor ...

8.8CVSS6.1AI score0.03034EPSS
Exploits0References2
Nuclei
Nuclei
•added 2026/04/03 7:34 a.m.•6 views

ChanCMS <= 3.1. - Remote Code Execution

yanyutao0402 ChanCMS = 3.1.2 contains an insecure deserialization caused by manipulation of the "targetUrl" argument in getArticle function of app/modules/cms/controller/collect.js, letting remote attackers execute arbitrary code, exploit requires crafted input. id: CVE-2025-8266 info: name:...

6.5CVSS6.9AI score0.00971EPSS
Exploits1References4
Nuclei
Nuclei
•added 2026/02/12 5:7 a.m.•6 views

Studiocart <= 2.9.0 - Cross-Site Scripting

The Studiocart plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.9.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if the...

7.1CVSS5.8AI score0.00368EPSS
Exploits0References1
Nuclei
Nuclei
•added 2026/02/04 7:0 a.m.•6 views

Avigilon ACM - Host Header Injection

A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted URL. id: CVE-2025-56266 info: name: Avigilon ACM - Host Header Injection author: DhiyaneshDK severity: medium description: | A Host Header Injection vulnerability in...

9.8CVSS7.8AI score0.02695EPSS
Exploits1References2
Nuclei
Nuclei
•added 2026/02/04 7:0 a.m.•6 views

DAEnetIP4 METO v1.25 - Session Hijacking

DAEnetIP4 METO v1.25 contains improper session management in the /loginok.htm endpoint, letting attackers hijack sessions, exploit requires attacker to control or intercept session tokens. id: CVE-2025-28242 info: name: DAEnetIP4 METO v1.25 - Session Hijacking author: 0xAkoko severity: high...

9.8CVSS5.9AI score0.01681EPSS
Exploits0References2
Nuclei
Nuclei
•added 2026/02/04 7:0 a.m.•6 views

YesWiki <= 4.5.1 - Cross-Site Scripting

YesWiki alertdocument.domain","YesWiki"' - 'statuscode == 200' - 'containscontenttype, "text/html"' condition: and digest: 4a0a0047304502200362ca1190c63e21f2923bf08de7cb7da7b574446b257e6007dfd76d97c7ed0b02210097168371a37ae69e386417974c7fa650ac4099a59a65f245bd361ac61d391a41:922c64590222798b...

6.1CVSS5AI score0.00498EPSS
Exploits1References1
Nuclei
Nuclei
•added 2026/02/04 7:0 a.m.•6 views

Open Redirect via Organization Switching

An open redirect vulnerability has been identified in Grafana OSS organization switching functionality. Prerequisites for exploitation Multiple organizations must exist in the Grafana instance - Victim must be on a different organization than the one specified in the URL id: CVE-2025-6197 info:...

7.6CVSS7.5AI score0.37565EPSS
Exploits0References2
Nuclei
Nuclei
•added yesterday•5 views

YesWiki Reflected XSS via File Upload

YesWiki is a wiki system written in PHP. Prior to version 4.5.4, YesWiki is vulnerable to reflected XSS in the file upload form. This vulnerability allows any malicious unauthenticated user to create a link that can be clicked on by the victim to perform arbitrary actions. This issue has been...

7.6CVSS6AI score0.00582EPSS
Exploits1References2
Nuclei
Nuclei
•added yesterday•5 views

WordPress WPCOM Member <= 1.7.6 - SQL Injection

WPCOM Member plugin for WordPress up to 1.7.6 contains a time-based SQL Injection caused by insufficient escaping and lack of preparation on the 'userphone' parameter, letting unauthenticated attackers extract sensitive information, exploit requires sending crafted 'userphone' parameter. id:...

7.5CVSS7.2AI score0.01708EPSS
Exploits0References3
Nuclei
Nuclei
•added yesterday•5 views

OneUptime < 10.0.21 - Path Traversal

OneUptime 10.0.21 contains a path traversal caused by unsanitized componentName parameter in /workflow/docs/:componentName endpoint, letting unauthenticated attackers read arbitrary files from the server filesystem. id: CVE-2026-30958 info: name: OneUptime 10.0.21 - Path Traversal author:...

8.6CVSS7.3AI score0.01102EPSS
Exploits1References3
Nuclei
Nuclei
•added yesterday•5 views

LeadConnector < 3.0.22 - Unauthenticated Arbitrary Data Write

LeadConnector WordPress plugin 3.0.22 contains a broken access control caused by missing authorization in a REST route, letting unauthenticated attackers overwrite existing data remotely, exploit requires no authentication. id: CVE-2026-1890 info: name: LeadConnector 3.0.22 - Unauthenticated...

5.3CVSS5.9AI score0.00645EPSS
Exploits0References2
Nuclei
Nuclei
•added yesterday•5 views

Campaign Monitor for WordPress - Information Disclosure

Campaign Monitor for WordPress plugin for WordPress versions up to 2.8.15 contains a full path disclosure caused by improper access restriction and enabled displayerrors in /forms/views/admin/create.php, letting unauthenticated attackers retrieve server paths, exploit requires displayerrors to be...

5.3CVSS5.9AI score0.00849EPSS
Exploits0References3
Nuclei
Nuclei
•added yesterday•5 views

Gogs < 0.14.3 - Unauthenticated Organization Teams Disclosure

Gogs before version 0.14.3 contains an unauthenticated information disclosure vulnerability. The GET /api/v1/orgs/:orgname/teams endpoint returns all teams for any organization without requiring authentication. The route group lacks the reqToken middleware, exposing team IDs, names, descriptions,...

6.9CVSS5.9AI score0.01553EPSS
Exploits0References2
Nuclei
Nuclei
•added yesterday•5 views

SiYuan <= v3.5.9 - Cross Site Scripting

SiYuan v3.5.10 contains a reflected XSS caused by improper sanitization of javascript: href attributes allowing ASCII control characters to bypass prefix checks in SVG sanitizer, letting unauthenticated attackers execute JavaScript via /api/icon/getDynamicIcon. id: CVE-2026-31809 info: name: SiYu...

6.4CVSS7.2AI score0.00505EPSS
Exploits1References2
Nuclei
Nuclei
•added yesterday•5 views

Xerte Online Toolkits <= 3.15 - Remote Code Execution

Xerte Online Toolkits versions 3.15 and earlier expose the elFinder file manager connector at /editor/elfinder/php/connector.php without authentication CVE-2026-34413, because the access-control redirect for unauthenticated users does not call exit/die and execution continues server-side. This is...

9.8CVSS6.4AI score0.03575EPSS
Exploits2References6
Nuclei
Nuclei
•added yesterday•5 views

EventON Lite <= 2.4 - Authenticated Local File Inclusion

Ashan Perera EventON contains a PHP remote file inclusion caused by improper control of filename in include/require statements, letting attackers include local files, exploit requires attacker to control include filename. id: CVE-2025-32614 info: name: EventON Lite = 2.4 - Authenticated Local Fil...

8.8CVSS7.2AI score0.01833EPSS
Exploits0References1
Nuclei
Nuclei
•added yesterday•5 views

OWL Carousel Slider - Cross-Site Scripting

OWL Carousel Slider WordPress plugin v2.2 contains a reflected cross-site scripting caused by unsanitized parameter output in the page, letting attackers execute arbitrary scripts in the context of high privilege users, exploit requires attacker to craft malicious URL. id: CVE-2024-13627 info:...

4.7CVSS7.2AI score0.00805EPSS
Exploits1References1
Nuclei
Nuclei
•added yesterday•5 views

WordPress Google Map Professional - Cross-Site Scripting

WordPress Google Map Professional Map In Your Language plugin through 1.0 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute malicious scripts in the context of high privilege users such ...

6.1CVSS7.1AI score0.00565EPSS
Exploits1References2
Nuclei
Nuclei
•added yesterday•5 views

WP Extended < 3.0.0 - Stored Cross-Site Scripting

The Ultimate WordPress Toolkit - WP Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts i...

7.1CVSS6.1AI score0.0063EPSS
Exploits0References4
Nuclei
Nuclei
•added 2026/06/22 5:20 a.m.•5 views

Dashy <= 4.3.6 - Reflected XSS via Workspace

Dashy versions up to 4.3.6 contain a reflected cross-site scripting vulnerability in the workspace view. The url query parameter is passed directly to an iframe src attribute without scheme validation, allowing an attacker to inject javascript: URIs that execute arbitrary JavaScript in the contex...

5.9AI score
Exploits0References2
Nuclei
Nuclei
•added 2026/06/18 12:13 p.m.•5 views

FUXA 1.3.0 - Unauthenticated ICS/SCADA Project Data Disclosure

FUXA v1.3.0 exposes full SCADA/HMI project configuration via GET /api/project without authentication, even when secureEnabled is true. The secureFnc middleware auto-generates a valid guest JWT when no token is provided, bypassing authentication. Exposed data includes server-side scripts, device...

5.2AI score0.00088EPSS
Exploits0References2
Nuclei
Nuclei
•added 2026/04/30 5:10 a.m.•5 views

AVideo <= 26.0 - WWBN AVideo - Remote Code Execution

WWBN AVideo = 26.0 contains multiple vulnerabilities in the CloneSite plugin including unauthenticated exposure of clone secret keys and OS command injection in rsync command construction, letting unauthenticated attackers achieve remote code execution. id: CVE-2026-33478 info: name: AVideo = 26....

10CVSS5.7AI score0.13266EPSS
Exploits1References1
Nuclei
Nuclei
•added 2026/04/09 12:38 p.m.•5 views

WordPress The Wound Theme <= 0.0.1 - Local File Inclusion

The-wound WordPress theme through 0.0.1 contains a local file inclusion caused by insufficient validation of parameters used to generate paths passed to include functions, letting unauthenticated users perform LFI attacks and download arbitrary files from the server. id: CVE-2025-2558 info: name:...

8.6CVSS7.4AI score0.02134EPSS
Exploits1References3
Nuclei
Nuclei
•added 2026/02/04 7:0 a.m.•5 views

Adobe Experience Manager Forms - Insecure Deserialization

Adobe Experience Manager versions 6.5.23 and earlier are affected by a Misconfiguration vulnerability that could result in arbitrary code execution. An attacker could leverage this vulnerability to bypass security mechanisms and execute code. Exploitation of this issue does not require user...

9.8CVSS6.1AI score0.44894EPSS
Exploits0References1
Nuclei
Nuclei
•added 2026/02/04 7:0 a.m.•5 views

Securden Unified PAM - Authentication Bypass

An authentication bypass vulnerability exists which allows an unauthenticated attacker to control administrator backup functions, leading to compromise of passwords, secrets, and application session tokens stored by the Unified PAM. id: CVE-2025-53118 info: name: Securden Unified PAM -...

9.8CVSS7.1AI score0.29365EPSS
Exploits0References2
Nuclei
Nuclei
•added 2026/02/04 7:0 a.m.•5 views

PowerJob List - Authorization Bypass

PowerJob = 5.1.2 contains a broken access control caused by missing authorization in /user/list function, letting remote attackers access unauthorized resources, exploit requires no special privileges. id: CVE-2025-11580 info: name: PowerJob List - Authorization Bypass author: DhiyaneshDk severit...

6.9CVSS5.5AI score0.01013EPSS
Exploits0References2
Nuclei
Nuclei
•added 5 days ago•4 views

Progress ADC LoadMaster - Command Injection

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in multiple command endpoints id: CVE-2026-8037 info: name: Progress ADC LoadMaste...

9.6CVSS7.9AI score0.29641EPSS
Exploits1References2
Nuclei
Nuclei
•added 2 days ago•3 views

Spring Framework Path Traversal in Functional Web Frameworks

Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application...

7.5CVSS6.7AI score0.54862EPSS
Exploits6References3
Nuclei
Nuclei
•added 4 days ago•3 views

phpBB < 3.3.17 - Authentication Bypass

phpBB before 3.3.17 contains an authentication bypass vulnerability in the login-link feature. By setting the authprovider query parameter to "apache", an unauthenticated attacker can bypass password verification and log in as any user, including administrators. The Apache auth provider trusts th...

9.8CVSS7.2AI score0.00662EPSS
Exploits1References2
Total number of security vulnerabilities4136