Lucene search
+L
NucleiRecent

4146 matches found

nuclei
nuclei
•added 8 hours ago•82 views

Cisco Smart Licensing Utility UnAuthenticated Logs Exposure Leaking Plaintext Credentials

A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to access sensitive information.This vulnerability is due to excessive verbosity in a debug log file. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected...

7.5CVSS7.1AI score0.51466EPSS
Exploits0References1
nuclei
nuclei
•added 8 hours ago•73 views

Control iD iDSecure - Authentication Bypass

An authentication bypass vulnerability exists in Control iD iDSecure v4.7.32.0. The login routine used by iDS-Core.dll contains a "passwordCustom" option that allows an unauthenticated attacker to compute valid credentials that can be used to bypass authentication and act as an administrative use...

9.8CVSS7AI score0.65237EPSS
Exploits6
nuclei
nuclei
•added 8 hours ago•20 views

TOTVS Fluig Platform - Cross-Site Scripting

A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation of the argument redirectUrl/user with the input...

6.1CVSS4.3AI score0.02379EPSS
Exploits1References3
nuclei
nuclei
•added 8 hours ago•24 views

Seriously Simple Podcasting < 3.0.0 - Information Disclosure

The Seriously Simple Podcasting WordPress plugin before 3.0.0 discloses the Podcast owner's email address which by default is the admin email address via an unauthenticated crafted request. id: CVE-2023-6444 info: name: Seriously Simple Podcasting 3.0.0 - Information Disclosure author: s4e-io...

5.3CVSS6.1AI score0.02463EPSS
Exploits3References3
nuclei
nuclei
•added 8 hours ago•19 views

Essential Grid <= 3.1.0 - Cross-Site Scripting

Unauthenticated Reflected Cross-Site Scripting XSS vulnerability in ThemePunch OHG Essential Grid plugin = 3.1.0 versions. id: CVE-2023-47684 info: name: Essential Grid = 3.1.0 - Cross-Site Scripting author: 0xpugal severity: medium description: | Unauthenticated Reflected Cross-Site Scripting XS...

7.1CVSS6.7AI score0.00838EPSS
Exploits0References2
nuclei
nuclei
•added 8 hours ago•49 views

Qualitor <= 8.20 - Remote Code Execution

Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html/ad/adpesquisasql/request/processVariavel.php gridValoresPopHidden parameter. id: CVE-2023-47253 info: name: Qualitor = 8.20 - Remote Code Execution author: s4e-io severity: critical description: |...

9.8CVSS7.3AI score0.14422EPSS
Exploits4References3
nuclei
nuclei
•added 8 hours ago•194 views

pyload-ng js2py - Remote Code Execution

An issue in the component js2py.disablepyimport of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call. id: CVE-2024-28397 info: name: pyload-ng js2py - Remote Code Execution author: iamnoooob,rootxharsh,pdresearch severity: medium description: | An issue in the...

5.3CVSS6.9AI score0.04548EPSS
Exploits22References2
nuclei
nuclei
•added 8 hours ago•53 views

Traccar - Unrestricted File Upload

Traccar is an open source GPS tracking system. Versions prior to 6.0 are vulnerable to path traversal and unrestricted upload of file with dangerous type. Since the system allows registration by default, attackers can acquire ordinary user permissions by registering an account and exploit this...

8.5CVSS7.3AI score0.54413EPSS
Exploits9References3
nuclei
nuclei
•added 8 hours ago•33 views

Safe Editor Plugin < 1.2 - CSS/JS-injection

The safe-editor plugin before 1.2 for WordPress has no sesave authentication, with resultant XSS. id: CVE-2016-10976 info: name: Safe Editor Plugin 1.2 - CSS/JS-injection author: Splint3r7 severity: medium description: | The safe-editor plugin before 1.2 for WordPress has no sesave authentication...

6.1CVSS6.4AI score0.01506EPSS
Exploits2References3
nuclei
nuclei
•added 8 hours ago•171 views

Jenkins Script Security Plugin <=1.49 - Sandbox Bypass

A sandbox bypass vulnerability exists in the Jenkins Script Security Plugin versions 1.49 and earlier within src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java. This flaw allows attackers with permission to submit sandboxed scripts to execute arbitrary code on th...

8.8CVSS7AI score0.98428EPSS
Exploits17References6
nuclei
nuclei
•added 8 hours ago•61 views

Popup Builder Plugin - SQL Injection and Cross-Site Scripting

The Popup Builder WordPress plugin before 4.1.1 is vulnerable to SQL Injection and Reflected XSS via the sgpb-subscription-popup-id parameter. id: CVE-2022-0479 info: name: Popup Builder Plugin - SQL Injection and Cross-Site Scripting author: ritikchaddha severity: critical description: | The Pop...

9.8CVSS7.1AI score0.4408EPSS
Exploits2
nuclei
nuclei
•added 8 hours ago•23 views

Timesheet Plugin < 0.1.5 - Cross-Site Scripting

The Timesheet plugin before 0.1.5 for WordPress has multiple XSS issues. id: CVE-2017-18590 info: name: Timesheet Plugin 0.1.5 - Cross-Site Scripting author: Splint3r7 severity: medium description: | The Timesheet plugin before 0.1.5 for WordPress has multiple XSS issues. impact: | Authenticated...

6.1CVSS6.4AI score0.01404EPSS
Exploits1References3
nuclei
nuclei
•added 8 hours ago•46 views

WAVLINK AC1200 - Information Disclosure

A vulnerability is in the 'livemfg.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication. When processed, it exposes some key information of the manager of router. id: CVE-2021-44260 info: name:...

7.5CVSS7AI score0.07573EPSS
Exploits1References2
nuclei
nuclei
•added 8 hours ago•66 views

Flowise <= 1.8.2 Authentication Bypass

An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restricted functionality. id: CVE-2024-8181 info: name: Flowise = 1.8.2 Authentication Bypass author:...

9.8CVSS6.1AI score0.42783EPSS
Exploits0References3
nuclei
nuclei
•added 8 hours ago•68 views

Zitadel - User Registration Bypass

The open-source identity infrastructure software Zitadel allows administrators to disable the user self-registration. Due to a missing security check in versions prior to 2.64.0, 2.63.5, 2.62.7, 2.61.4, 2.60.4, 2.59.5, and 2.58.7, disabling the "User Registration allowed" option only hid the...

7.5CVSS7AI score0.02572EPSS
Exploits0References2
nuclei
nuclei
•added 8 hours ago•63 views

Gradio - Open Redirect

Gradio allows an open redirect bypass via URL encoding, enabling attackers to redirect users to malicious sites. This can lead to phishing attacks and loss of trust in the application. id: CVE-2024-8021 info: name: Gradio - Open Redirect author: DhiyaneshDK severity: medium description: | Gradio...

6.1CVSS6.2AI score0.00723EPSS
Exploits1References1
nuclei
nuclei
•added 8 hours ago•41 views

REST API TO MiniProgram <= 4.7.1 - SQL Injection

The REST API TO MiniProgram plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the /wp-json/watch-life-net/v1/comment/getcomments REST API endpoint in all versions up to, and including, 4.7.1 due to insufficient escaping on the user supplied parameter and lack of...

7.5CVSS6.1AI score0.03792EPSS
Exploits1References5
nuclei
nuclei
•added 8 hours ago•45 views

Riello Netman 204 - SQL Injection

The three endpoints /cgi-bin/dbdatalogw.cgi, /cgi-bin/dbeventlogw.cgi, and /cgi-bin/dbmultimetrw.cgi are vulnerable to SQL injection without prior authentication. This enables an attacker to modify the collected log data in an arbitrary way. id: CVE-2024-8877 info: name: Riello Netman 204 - SQL...

9.8CVSS7.2AI score0.7703EPSS
Exploits2References3
nuclei
nuclei
•added 8 hours ago•98 views

WebIQ 2.15.9 - Directory Traversal

The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system. id: CVE-2024-8752 info: name: WebIQ 2.15.9 - Directory Traversal author: s4e-io severity: high description: | The Windows version of WebIQ 2.15.9 is...

9.3CVSS7.1AI score0.11759EPSS
Exploits1References2
nuclei
nuclei
•added 8 hours ago•99 views

Keycloak - Open Redirect

A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...

6.1CVSS6.1AI score0.01959EPSS
Exploits0References2
nuclei
nuclei
•added 8 hours ago•48 views

WP Popup Builder Popup Forms and Marketing Lead Generation <= 1.3.5 - Arbitrary Shortcode Execution

The The WP Popup Builder Popup Forms and Marketing Lead Generation plugin for WordPress is vulnerable to arbitrary shortcode execution via the wpajaxnoprivshortcodeApiAdd AJAX action in all versions up to, and including, 1.3.5. This is due to the software allowing users to execute an action that...

9.8CVSS6.4AI score0.51316EPSS
Exploits1References3
nuclei
nuclei
•added 8 hours ago•56 views

pgAdmin 4 - Authentication Bypass

pgAdmin 4 versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data. id: CVE-2024-9014 info: name: pgAdmin 4 - Authentication Bypass author...

9.9CVSS7AI score0.09685EPSS
Exploits2References3
nuclei
nuclei
•added 8 hours ago•81 views

Keycloak - SAML Core Package Signature Validation Flaw

A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Referen...

7.7CVSS6.6AI score0.0203EPSS
Exploits0References5
nuclei
nuclei
•added 8 hours ago•72 views

LearnPress < 4.2.7.1 - SQL Injection

The LearnPress - WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the 'conlyfields' parameter of the /wp-json/learnpress/v1/courses REST API endpoint in all versions up to, and including, 4.2.7 due to insufficient escaping on the user supplied parameter and lack of...

10CVSS7AI score0.63134EPSS
Exploits6References2
nuclei
nuclei
•added 8 hours ago•106 views

Nagios XI v5.11.0 - SQL Injection

A SQL injection vulnerability in Nagios XI from version 5.11.0 up to and including 5.11.1 allows authenticated attackers to execute arbitrary SQL commands via the ID parameter in the POST request to /nagiosxi/admin/bannermessage-ajaxhelper.php. id: CVE-2023-40931 info: name: Nagios XI v5.11.0 - S...

6.5CVSS6.9AI score0.11278EPSS
Exploits2References2
nuclei
nuclei
•added 8 hours ago•100 views

PHPJabbers Food Delivery Script v3.0 - SQL Injection

PHPJabbers Food Delivery Script v3.0 is vulnerable to SQL Injection in the "column" parameter of index.php. id: CVE-2023-40749 info: name: PHPJabbers Food Delivery Script v3.0 - SQL Injection author: ritikchaddha severity: critical description: | PHPJabbers Food Delivery Script v3.0 is vulnerable...

9.8CVSS7AI score0.03306EPSS
Exploits0References2
nuclei
nuclei
•added 8 hours ago•34 views

PHPJabbers Food Delivery Script - SQL Injection

PHPJabbers Food Delivery Script 3.0 has a SQL injection SQLi vulnerability in the "q" parameter of index.php. id: CVE-2023-40748 info: name: PHPJabbers Food Delivery Script - SQL Injection author: ritikchaddha severity: critical description: | PHPJabbers Food Delivery Script 3.0 has a SQL injecti...

9.8CVSS7AI score0.02904EPSS
Exploits0References2
nuclei
nuclei
•added 8 hours ago•58 views

Revive Adserver 5.4.1 - Cross-Site Scripting

A reflected XSS vulnerability exists in Revive Adserver 5.4.1 and earlier versions. id: CVE-2023-38040 info: name: Revive Adserver 5.4.1 - Cross-Site Scripting author: ritikchaddha severity: medium description: | A reflected XSS vulnerability exists in Revive Adserver 5.4.1 and earlier versions...

6.1CVSS6.4AI score0.01983EPSS
Exploits1References2
nuclei
nuclei
•added 8 hours ago•65 views

WordPress Core <=6.2 - Directory Traversal

WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wplang’ parameter. id: CVE-2023-2745 info: name: WordPress Core =6.2 - Directory Traversal author: nqdung2002 severity: medium description: | WordPress Core is vulnerable to Directory Traversal in...

6.1CVSS6.6AI score0.79527EPSS
Exploits7References2
nuclei
nuclei
•added 8 hours ago•101 views

Drupal 11.x-dev - Full Path Disclosure

core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure even when error logging is None if the value of hashsalt is filegetcontents of a file that does not exist. id: CVE-2024-45440 info: name: Drupal 11.x-dev - Full Path Disclosure author: DhiyaneshDK severity: medium description: |...

5.3CVSS6.2AI score0.09269EPSS
Exploits4
nuclei
nuclei
•added 8 hours ago•67 views

SafeGuard for Privileged Passwords < 7.5.2 - Authentication Bypass

One Identity Safeguard for Privileged Passwords before 7.5.2 allows unauthorized access because of an issue related to cookies. This only affects virtual appliance installations VMware or HyperV. The fixed versions are 7.0.5.1 LTS, 7.4.2, and 7.5.2. id: CVE-2024-45488 info: name: SafeGuard for...

9.8CVSS6.1AI score0.50603EPSS
Exploits0References5
nuclei
nuclei
•added 8 hours ago•173 views

Hoverfly < 1.10.3 - Arbitrary File Read

Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. The /api/v2/simulation POST handler allows users to create new simulation views from the contents of a user-specified file. This feature can be abused by an attacker to read arbitrary...

7.5CVSS6.2AI score0.55864EPSS
Exploits3References2
nuclei
nuclei
•added 8 hours ago•95 views

Fortra FileCatalyst Workflow <= v5.1.6 - SQL Injection

A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this...

9.8CVSS7.1AI score0.90067EPSS
Exploits5References4
nuclei
nuclei
•added 8 hours ago•169 views

Camaleon CMS < 2.8.1 Arbitrary File Write to RCE

An arbitrary file write vulnerability accessible via the upload method of the MediaController allows authenticated users to write arbitrary files to any location on the web server Camaleon CMS is running on depending on the permissions of the underlying filesystem. E.g. This can lead to a remote...

9.9CVSS6.5AI score0.35461EPSS
Exploits2References5
nuclei
nuclei
•added 8 hours ago•123 views

ECTouch v2 - SQL Injection

ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr'id' parameter at \default\helpers\insert.php. id: CVE-2023-39560 info: name: ECTouch v2 - SQL Injection author: s4e-io severity: critical description: | ECTouch v2 was discovered to contain a SQL injection vulnerabili...

9.8CVSS7.1AI score0.04109EPSS
Exploits1References2
nuclei
nuclei
•added 8 hours ago•82 views

DATAGERRY - REST API Auth Bypass

Incorrect access control in BECN DATAGERRY v2.2 allows attackers to execute arbitrary commands via crafted web requests. id: CVE-2024-46627 info: name: DATAGERRY - REST API Auth Bypass author: gy741 severity: critical description: | Incorrect access control in BECN DATAGERRY v2.2 allows attackers...

9.1CVSS6.3AI score0.04099EPSS
Exploits0References5
nuclei
nuclei
•added 8 hours ago•53 views

Gradio - Open Redirect

An open redirect vulnerability exists in the gradio-app/gradio, affecting the latest version. The vulnerability allows an attacker to redirect users to arbitrary websites, which can be exploited for phishing attacks, Cross-site Scripting XSS, Server-Side Request Forgery SSRF, amongst others. This...

6.1CVSS6.3AI score0.01021EPSS
Exploits1References1
nuclei
nuclei
•added 8 hours ago•35 views

CentralSquare CryWolf - Path Traversal

A traversal vulnerability in GeneralDocs.aspx in CentralSquare CryWolf False Alarm Management through 2024-08-09 allows unauthenticated attackers to read files outside of the working web directory via the rpt parameter, leading to the disclosure of sensitive information. id: CVE-2024-45241 info:...

7.5CVSS7AI score0.13623EPSS
Exploits1References3
nuclei
nuclei
•added 8 hours ago•20 views

Qualitor <= 8.24 - Remote Code Execution

Qualitor up to 8.24 is vulnerable to Remote Code Execution RCE via Arbitrary File Upload in checkAcesso.php. id: CVE-2024-44849 info: name: Qualitor = 8.24 - Remote Code Execution author: s4e-io severity: critical description: | Qualitor up to 8.24 is vulnerable to Remote Code Execution RCE via...

9.8CVSS6.2AI score0.46301EPSS
Exploits1References5
nuclei
nuclei
•added 8 hours ago•39 views

osTicket < v1.16.6 - Cross-Site Scripting

Cross-site Scripting XSS - Reflected in GitHub repository osticket/osticket prior to v1.16.6. id: CVE-2023-1315 info: name: osTicket v1.16.6 - Cross-Site Scripting author: ritikchaddha severity: medium description: | Cross-site Scripting XSS - Reflected in GitHub repository osticket/osticket prio...

5.4CVSS6.2AI score0.01059EPSS
Exploits1References2
nuclei
nuclei
•added 8 hours ago•54 views

phpIPAM 1.5.1 - Cross-site Scripting

Cross-site Scripting XSS - Reflected in GitHub repository phpipam/phpipam prior to 1.5.1. id: CVE-2023-0676 info: name: phpIPAM 1.5.1 - Cross-site Scripting author: ritikchaddha severity: medium description: | Cross-site Scripting XSS - Reflected in GitHub repository phpipam/phpipam prior to 1.5....

6.1CVSS6.3AI score0.01532EPSS
Exploits1References2
nuclei
nuclei
•added 8 hours ago•40 views

osTicket < v1.16.6 - Cross-Site Scripting

Cross-site Scripting XSS - Reflected in GitHub repository osticket/osticket prior to v1.16.6. id: CVE-2023-1317 info: name: osTicket v1.16.6 - Cross-Site Scripting author: ritikchaddha severity: medium description: | Cross-site Scripting XSS - Reflected in GitHub repository osticket/osticket prio...

5.4CVSS6.2AI score0.01015EPSS
Exploits1References2
nuclei
nuclei
•added 8 hours ago•62 views

osTicket 1.15.x - SQL Injection

A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket 1.15.x allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topicid" URL parameters combination. id: CVE-2021-45811 info: name: osTicket 1.15.x - SQL Injection author:...

6.5CVSS6.8AI score0.02454EPSS
Exploits1References2
nuclei
nuclei
•added 8 hours ago•41 views

osTicket < 1.10.2 - Cross-Site Scripting

Cross-site scripting XSS vulnerability in /scp/index.php in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "sort" parameter. id: CVE-2018-7196 info: name: osTicket 1.10.2 - Cross-Site Scripting author: ritikchaddha severity: medium...

6.1CVSS6.5AI score0.02482EPSS
Exploits1References2
nuclei
nuclei
•added 8 hours ago•128 views

Strapi Versions <=4.5.5 - SSTI to Remote Code Execution

Strapi through 4.5.5 allows authenticated Server-Side Template Injection SSTI that can be exploited to execute arbitrary code on the server. A remote attacker with access to the Strapi admin panel can inject a crafted payload that executes code on the server into an email template that bypasses t...

10CVSS7.2AI score0.76825EPSS
Exploits2References5
nuclei
nuclei
•added 8 hours ago•54 views

KiviCare WordPress Plugin - Cross-Site Scripting

The KiviCare WordPress plugin before 3.2.1 does not sanitise and escape the 'filterType' parameter, leading to Reflected Cross-Site Scripting. id: CVE-2023-2624 info: name: KiviCare WordPress Plugin - Cross-Site Scripting author: ritikchaddha severity: medium description: | The KiviCare WordPress...

6.1CVSS6.4AI score0.01156EPSS
Exploits4References3
nuclei
nuclei
•added 8 hours ago•67 views

Strapi Versions <=4.5.6 - Authentication Bypass

Strapi through 4.5.5 does not verify the access or ID tokens issued during the OAuth flow when the AWS Cognito login provider is used for authentication. A remote attacker could forge an ID token that is signed using the 'None' type algorithm to bypass authentication and impersonate any user that...

8.2CVSS7AI score0.04158EPSS
Exploits1References4
nuclei
nuclei
•added 8 hours ago•75 views

PrestaShop xipblog - SQL Injection

In the blog module xipblog, an anonymous user can perform SQL injection. Even though the module has been patched in version 2.0.1, the version number was not incremented at the time. id: CVE-2023-27847 info: name: PrestaShop xipblog - SQL Injection author: mastercho severity: critical description...

9.8CVSS6.9AI score0.04715EPSS
Exploits1References2
nuclei
nuclei
•added 8 hours ago•71 views

L-Soft LISTSERV 16.5 - Cross-Site Scripting

The REPORT after z but before a parameter in wa.exe in L-Soft LISTSERV 16.5 before 17 allows an attacker to conduct XSS attacks via a crafted URL. id: CVE-2023-27641 info: name: L-Soft LISTSERV 16.5 - Cross-Site Scripting author: ritikchaddha severity: medium description: | The REPORT after z but...

6.1CVSS6.4AI score0.01092EPSS
Exploits1References2
nuclei
nuclei
•added 8 hours ago•103 views

Dragonfly2 < 2.1.0-beta.1 - Hardcoded JWT Secret

Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation CNCF as an Incubating Level Project. Dragonfly uses JWT to verify user. However, the secret key for JWT, "Secret Key", is hard coded, which leads to...

9.8CVSS6AI score0.33618EPSS
Exploits1References4
Total number of security vulnerabilities4146