Lucene search
+L
NucleiRecent

4145 matches found

nuclei
nuclei
•added yesterday•57 views

Atlassian Jira Server-Side Template Injection

Jira Server and Data Center is susceptible to a server-side template injection vulnerability via the ContactAdministrators and SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center. All versions of Jira Server and...

9.8CVSS7.2AI score0.84621EPSS
Exploits2References5
nuclei
nuclei
•added yesterday•14 views

WordPress Ultimate FAQs <= 1.8.24 – Unauthenticated HTML Content Injection

Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows HTML content injection. id: CVE-2019-17233 info: name: WordPress Ultimate FAQs = 1.8.24 – Unauthenticated HTML Content Injection author: daffainfo severity: medium description: | Functions/EWDUFAQImport.ph...

6.1CVSS6.8AI score0.01843EPSS
Exploits1References2
nuclei
nuclei
•added yesterday•48 views

WordPress Download Manager <2.9.94 - Cross-Site Scripting

WordPress Download Manager plugin before 2.9.94 contains a cross-site scripting vulnerability via the category shortcode feature, as demonstrated by the orderby or searchpublishdate parameter. id: CVE-2019-15889 info: name: WordPress Download Manager 2.9.94 - Cross-Site Scripting author: daffainf...

6.1CVSS6.4AI score0.12531EPSS
Exploits6References5
nuclei
nuclei
•added yesterday•10 views

WordPress OneTone theme <= 3.0.6 – Unauthenticated Options Changes

includes/theme-functions.php in the OneTone theme through 3.0.6 for WordPress allows unauthenticated options changes. id: CVE-2019-17230 info: name: WordPress OneTone theme = 3.0.6 – Unauthenticated Options Changes author: daffainfo severity: medium description: | includes/theme-functions.php in...

5.3CVSS6.2AI score0.02362EPSS
Exploits1References3
nuclei
nuclei
•added yesterday•11 views

WordPress Ultimate FAQs <= 1.8.24 – Unauthenticated Options Import and Export

Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows unauthenticated options import. id: CVE-2019-17232 info: name: WordPress Ultimate FAQs = 1.8.24 – Unauthenticated Options Import and Export author: daffainfo severity: high description: |...

7.5CVSS7.1AI score0.03518EPSS
Exploits1References4
nuclei
nuclei
•added yesterday•69 views

WP Google Maps < 7.10.43 - Cross-Site Scripting

The wp-google-maps plugin before 7.10.43 for WordPress has XSS via the wp-admin/admin.php PATHINFO. id: CVE-2019-9912 info: name: WP Google Maps 7.10.43 - Cross-Site Scripting author: ritikchaddha severity: medium description: | The wp-google-maps plugin before 7.10.43 for WordPress has XSS via t...

6.1CVSS6.4AI score0.03028EPSS
Exploits1References3
nuclei
nuclei
•added yesterday•58 views

Apache Solr DataImportHandler <8.2.0 - Remote Code Execution

Apache Solr is vulnerable to remote code execution vulnerabilities via the DataImportHandler, an optional but popular module to pull in data from databases and other sources. The module has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. The debug...

9CVSS7.3AI score0.83547EPSS
Exploits3References5
nuclei
nuclei
•added yesterday•30 views

ND Booking < 2.5 - Unauthenticated Options Change

The Hotel Booking WordPress plugin ND Booking 2.5 was affected by an Unauthenticated Options Change security vulnerability. id: CVE-2019-15774 info: name: ND Booking 2.5 - Unauthenticated Options Change author: popcorn94 severity: medium description: | The Hotel Booking WordPress plugin ND Bookin...

6.1CVSS6.4AI score0.01731EPSS
Exploits1References2
nuclei
nuclei
•added yesterday•77 views

Citrix SD-WAN Center - Remote Command Injection

Citrix SD-WAN Center is susceptible to remote command injection via the ping function in DiagnosticsController, which does not sufficiently validate or sanitize HTTP request parameter values used to construct a shell command. An attacker can trigger this vulnerability by routing traffic through t...

10CVSS7.1AI score0.39544EPSS
Exploits1References3
nuclei
nuclei
•added yesterday•25 views

Jiangnan Online Judge 0.8.0 - Local File Inclusion

Jiangnan Online Judge aka jnoj 0.8.0 is susceptible to local file inclusion via web/polygon/problem/viewfile?id=1&name=../. id: CVE-2019-17538 info: name: Jiangnan Online Judge 0.8.0 - Local File Inclusion author: pussycat0x severity: high description: | Jiangnan Online Judge aka jnoj 0.8.0 is...

7.5CVSS7AI score0.11458EPSS
Exploits1References4
nuclei
nuclei
•added yesterday•65 views

Homematic CCU3 - Local File Inclusion

eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read arbitrary files of the device's filesystem, aka local file inclusion. This vulnerability can be exploited by unauthenticated attackers with access to the web interface. id: CVE-2019-9726 info: name: Homematic CCU3 - Local...

7.5CVSS7.1AI score0.15732EPSS
Exploits1References3
nuclei
nuclei
•added yesterday•48 views

Zyxel ZyWall UAG/USG - Account Creation Access

Zyxel UAG, USG, and ZyWall devices allows a remote attacker to generate guest accounts by directly accessing the account generator via the "Free Time" component. This can lead to unauthorized network access or DoS attacks. id: CVE-2019-12583 info: name: Zyxel ZyWall UAG/USG - Account Creation...

9.1CVSS7.1AI score0.43926EPSS
Exploits1References5
nuclei
nuclei
•added yesterday•53 views

WordPress GraceMedia Media Player 1.0 - Local File Inclusion

WordPress GraceMedia Media Player plugin 1.0 is susceptible to local file inclusion via the cfg parameter. id: CVE-2019-9618 info: name: WordPress GraceMedia Media Player 1.0 - Local File Inclusion author: daffainfo severity: critical description: WordPress GraceMedia Media Player plugin 1.0 is...

9.8CVSS7AI score0.40771EPSS
Exploits5References5
nuclei
nuclei
•added yesterday•72 views

Pypiserver <1.2.5 - Carriage Return Line Feed Injection

Pypiserver through 1.2.5 and below is susceptible to carriage return line feed injection. An attacker can set arbitrary HTTP headers and possibly conduct cross-site scripting attacks via a %0d%0a in a URI. id: CVE-2019-6802 info: name: Pypiserver 1.2.5 - Carriage Return Line Feed Injection author...

6.1CVSS6.5AI score0.03922EPSS
Exploits1References5
nuclei
nuclei
•added yesterday•54 views

Zarafa WebApp <=2.0.1.47791 - Cross-Site Scripting

Zarafa WebApp 2.0.1.47791 and earlier contains an unauthenticated reflected cross-site scripting vulnerability. An attacker can execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. id: CVE-2019-7219 info: name: Zarafa WebApp =2.0.1.47791 -...

6.1CVSS6.6AI score0.05173EPSS
Exploits0References5
nuclei
nuclei
•added yesterday•102 views

Apache Tomcat - Cross-Site Scripting

Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39, and 7.0.0 to 7.0.93 are vulnerable to cross-site scripting because the SSI printenv command echoes user provided data without escaping. Note: SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be prese...

6.1CVSS6.7AI score0.45571EPSS
Exploits3References5
nuclei
nuclei
•added yesterday•33 views

Caldera Forms < 1.9.7 - Reflected Cross-Site Scripting

Caldera Forms WordPress plugin 1.9.7 contains a reflected cross-site scripting caused by lack of validation and escaping of the cf-api parameter in responses, letting attackers execute arbitrary scripts in victim's browser, exploit requires attacker to craft a malicious request. id: CVE-2022-0879...

6.1CVSS6.5AI score0.01195EPSS
Exploits2References3
nuclei
nuclei
•added yesterday•222 views

Cuppa CMS v1.0 - Arbitrary File Upload

Cuppa CMS v1.0 was discovered to contain an arbitrary file upload vulnerability via the File Manager. id: CVE-2022-38296 info: name: Cuppa CMS v1.0 - Arbitrary File Upload author: theamanrawat severity: critical description: | Cuppa CMS v1.0 was discovered to contain an arbitrary file upload...

9.8CVSS7.1AI score0.03893EPSS
Exploits1References3
nuclei
nuclei
•added yesterday•68 views

karma-runner DOM-based Cross-Site Scripting

NPM karma prior to 6.3.14. contains a DOM-based cross-site Scripting vulnerability. id: CVE-2022-0437 info: name: karma-runner DOM-based Cross-Site Scripting author: pikpikcu severity: medium description: NPM karma prior to 6.3.14. contains a DOM-based cross-site Scripting vulnerability. impact: ...

6.1CVSS6.2AI score0.15174EPSS
Exploits1References5
nuclei
nuclei
•added yesterday•82 views

WAVLINK WN579 X3 M79X3.V5030.180719 - Information Disclosure

WAVLINK WN579 X3 M79X3.V5030.180719 is susceptible to information disclosure in /cgi-bin/ExportAllSettings.sh. An attacker can obtain sensitive router information via a crafted POST request and thereby possibly obtain additional sensitive information, modify data, and/or execute unauthorized...

7.5CVSS7AI score0.05482EPSS
Exploits1References4
nuclei
nuclei
•added yesterday•69 views

Users Ultra <= 3.1.0 - SQL Injection

The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the datatarget parameter before it is being interpolated in an SQL statement and then executed via the ratingvote AJAX action available to both unauthenticated and authenticated users, leading to an SQL Injection...

9.8CVSS7.1AI score0.0854EPSS
Exploits2References5
nuclei
nuclei
•added yesterday•45 views

Joomla! Percha Categories Tree 0.6 - Local File Inclusion

A directory traversal vulnerability in the Percha Fields Attach comperchafieldsattach component 1.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-2033 info: name:...

7.5CVSS6.2AI score0.15795EPSS
Exploits1References3
nuclei
nuclei
•added yesterday•23 views

Joomla! Component JA Comment - Local File Inclusion

A directory traversal vulnerability in the JA Comment comjacomment component for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the view parameter to index.php. id: CVE-2010-1601 info: name: Joomla! Component JA Comment - Local File Inclusion author: daffainfo severit...

5CVSS6.2AI score0.15974EPSS
Exploits1References5
nuclei
nuclei
•added yesterday•66 views

Joomla! Component News Portal 1.5.x - Local File Inclusion

A directory traversal vulnerability in the iJoomla News Portal comnewsportal component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1312 info: name: Joomla! Component News Portal 1.5.x - Local File...

5CVSS6.2AI score0.13621EPSS
Exploits2References4
nuclei
nuclei
•added yesterday•52 views

Joomla! Component com_janews - Local File Inclusion

A directory traversal vulnerability in the JA News comjanews component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1219 info: name: Joomla! Component comjanews - Local File Inclusion author: daffainf...

6.8CVSS6.2AI score0.08266EPSS
Exploits1References4
nuclei
nuclei
•added yesterday•43 views

Joomla! Component MT Fire Eagle 1.2 - Local File Inclusion

A directory traversal vulnerability in the MT Fire Eagle commtfireeagle component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1719 info: name: Joomla! Component ...

6.8CVSS6.2AI score0.09371EPSS
Exploits2References5
nuclei
nuclei
•added yesterday•112 views

NagiosXI <= 5.4.12 `commandline.php` SQL injection

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/commandline.php cname parameter. id: CVE-2018-10735 info: name: NagiosXI = 5.4.12 commandline.php SQL injection author: DhiyaneshDk severity: high description: | A SQL injection issue was discovered in Nagios XI before...

7.2CVSS7AI score0.42556EPSS
Exploits2References2
nuclei
nuclei
•added yesterday•33 views

Lantronix SecureLinx Spider (SLS) 2.2+ - Cross-Site Scripting

Lantronix SecureLinx Spider SLS 2.2+ devices have XSS in the auth.asp login page. id: CVE-2018-10383 info: name: Lantronix SecureLinx Spider SLS 2.2+ - Cross-Site Scripting author: ritikchaddha severity: medium description: | Lantronix SecureLinx Spider SLS 2.2+ devices have XSS in the auth.asp...

6.1CVSS6.4AI score0.01912EPSS
Exploits0References2
nuclei
nuclei
•added yesterday•37 views

osCommerce 2.3.4.1 - Remote Code Execution

osCommerce Online Merchant 2.3.4.1 contains a remote code execution caused by insecure default configuration and missing authentication in the installer workflow, letting unauthenticated attackers execute arbitrary PHP code via install4.php, exploit requires accessible /install/ directory after...

9.3CVSS6.6AI score0.0282EPSS
Exploits0References4
nuclei
nuclei
•added yesterday•64 views

Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion

A directory traversal vulnerability in the JE Form Creator comjeformcr component for Joomla!, when magicquotesgpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE -- the original researcher states that the...

4.3CVSS6.2AI score0.06429EPSS
Exploits1References5
nuclei
nuclei
•added yesterday•66 views

Joomla! Component Photo Battle 1.0.1 - Local File Inclusion

A directory traversal vulnerability in the Photo Battle comphotobattle component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via the view parameter to index.php. id: CVE-2010-1461 info: name: Joomla! Component Photo Battle 1.0.1 - Local File Inclusion author: daffainfo...

5CVSS6.2AI score0.08233EPSS
Exploits1References4
nuclei
nuclei
•added yesterday•40 views

Joomla! Component com_jcollection - Directory Traversal

A directory traversal vulnerability in the JCollection comjcollection component for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-0944 info: name: Joomla! Component comjcollection - Directory Traversal author:...

5CVSS6.2AI score0.14041EPSS
Exploits1References5
nuclei
nuclei
•added yesterday•43 views

Joomla! Component JE Quotation Form 1.0b1 - Local File Inclusion

A directory traversal vulnerability in the JE Quotation Form comjequoteform component 1.0b1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the view parameter to index.php. id: CVE-2010-2128 info: name: Joomla! Component ...

7.5CVSS6.2AI score0.15821EPSS
Exploits1References5
nuclei
nuclei
•added yesterday•41 views

Joomla! Component Online Exam 1.5.0 - Local File Inclusion

A directory traversal vulnerability in the Online Examination aka Online Exam or comonlineexam component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1715 info: name: Joomla! Component Online Exam 1.5.0 -...

6.8CVSS6.2AI score0.08177EPSS
Exploits2References5
nuclei
nuclei
•added yesterday•50 views

Joomla! Component com_cartweberp - Local File Inclusion

A directory traversal vulnerability in the CARTwebERP comcartweberp component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-0982 info: name: Joomla! Component comcartweberp - Local File Inclusion author:...

4.3CVSS6.2AI score0.06238EPSS
Exploits1References2
nuclei
nuclei
•added yesterday•58 views

Ncomputing vSPace Pro 10 and 11 - Directory Traversal

Ncomputing vSpace Pro versions 10 and 11 suffer from a directory traversal vulnerability. id: CVE-2018-10201 info: name: Ncomputing vSPace Pro 10 and 11 - Directory Traversal author: 0xakoko severity: high description: Ncomputing vSpace Pro versions 10 and 11 suffer from a directory traversal...

7.5CVSS7AI score0.45627EPSS
Exploits5References5
nuclei
nuclei
•added yesterday•35 views

DomainMOD 4.11.01 - Cross-Site Scripting

DomainMOD 4.11.01 contains a cross-site scripting vulnerability via assets/add/account-owner.php Owner name field. id: CVE-2018-19749 info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD 4.11.01 contains a cross-site scripting...

4.8CVSS6.3AI score0.03316EPSS
Exploits6References5
nuclei
nuclei
•added yesterday•93 views

TIBCO JasperReports Library - Directory Traversal

The default server implementation of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library Community Edition, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for...

9.9CVSS6.9AI score0.79064EPSS
Exploits4References5
nuclei
nuclei
•added yesterday•43 views

CirCarLife <4.3 - Improper Authentication

CirCarLife before 4.3 is susceptible to improper authentication. A system software information disclosure exists due to lack of authentication for /html/device-id. An attacker can obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2018-16671 info: name:...

5.3CVSS6.5AI score0.08851EPSS
Exploits5References5
nuclei
nuclei
•added yesterday•28 views

Quest KACE System Management Appliance 8.0.318 - Remote Code Execution

The '/common/downloadagentinstaller.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by anonymous users and can be abused to execute arbitrary commands on the system. id: CVE-2018-11138 info: name: Quest KACE System Management Appliance 8.0.318 - Remote Code Executi...

10CVSS7.2AI score0.91931EPSS
Exploits7References4
nuclei
nuclei
•added yesterday•92 views

Monstra CMS 3.0.4 - Cross-Site Scripting

Monstra CMS 3.0.4 contains a cross-site scripting vulnerability via the registration form i.e., the login parameter to users/registration. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal...

6.1CVSS6.7AI score0.02273EPSS
Exploits0References4
nuclei
nuclei
•added yesterday•85 views

Apache OFBiz - XML External Entity Injection

In Apache OFBiz 16.11.01 to 16.11.04, the OFBiz HTTP engine org.apache.ofbiz.service.engine.HttpEngine.java handles requests for HTTP services via the /webtools/control/httpService endpoint. Both POST and GET requests to the httpService endpoint may contain three parameters: serviceName,...

7.5CVSS7AI score0.25743EPSS
Exploits0
nuclei
nuclei
•added yesterday•34 views

CirCarLife <4.3 - Improper Authentication

CirCarLife before 4.3 is susceptible to improper authentication. An internal installation path disclosure exists due to the lack of authentication for /html/repository.System. An attacker can obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2018-16668 inf...

5.3CVSS6.8AI score0.09512EPSS
Exploits5References5
nuclei
nuclei
•added yesterday•71 views

Apache ActiveMQ <=5.15.5 - Cross-Site Scripting

Apache ActiveMQ versions 5.0.0 to 5.15.5 are vulnerable to cross-site scripting via the web based administration console on the queue.jsp page. The root cause of this issue is improper data filtering of the QueueFilter parameter. id: CVE-2018-8006 info: name: Apache ActiveMQ =5.15.5 - Cross-Site...

6.1CVSS6.6AI score0.57227EPSS
Exploits0References10
nuclei
nuclei
•added yesterday•41 views

osTicket < 1.10.2 - Cross-Site Scripting

Cross-site scripting XSS vulnerability in /scp/index.php in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "sort" parameter. id: CVE-2018-7196 info: name: osTicket 1.10.2 - Cross-Site Scripting author: ritikchaddha severity: medium...

6.1CVSS6.5AI score0.02482EPSS
Exploits1References2
nuclei
nuclei
•added yesterday•65 views

DedeCMS 5.7 SP2 - Cross-Site Scripting

DedeCMS 5.7 SP2 is vulnerable to cross-site scripting via the function named GetPageList defined in the include/datalistcp.class.php file that is used to display the page numbers list at the bottom of some templates, as demonstrated by the PATHINFO to /member/index.php, /member/pm.php,...

6.1CVSS6.3AI score0.02625EPSS
Exploits1References4
nuclei
nuclei
•added yesterday•41 views

Joomla! Component DW Graph - Local File Inclusion

A directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs comdwgraphs component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. id: CVE-2010-1302 info: name: Joomla! Component DW Grap...

5CVSS6.2AI score0.08483EPSS
Exploits1References3
nuclei
nuclei
•added yesterday•23 views

Joomla! Component SVMap 1.1.1 - Local File Inclusion

A directory traversal vulnerability in the SVMap comsvmap component 1.1.1 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1308 info: name: Joomla! Component SVMap 1.1.1 - Local File Inclusion author: daffainfo...

5CVSS6.2AI score0.13997EPSS
Exploits1References4
nuclei
nuclei
•added yesterday•24 views

Joomla! Component Percha Downloads Attach 1.1 - Directory Traversal

A directory traversal vulnerability in the Percha Downloads Attach comperchadownloadsattach component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-2037 info: name...

7.5CVSS6.2AI score0.11077EPSS
Exploits1References4
nuclei
nuclei
•added yesterday•55 views

Joomla! Component com_rokdownloads - Local File Inclusion

A directory traversal vulnerability in the RokDownloads comrokdownloads component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1056 info: name: Joomla! Component comrokdownload...

6.8CVSS6.3AI score0.11414EPSS
Exploits1References5
Total number of security vulnerabilities4145