Lucene search
+L
NucleiRecent

4146 matches found

nuclei
nuclei
added 10 hours ago14 views

Arcserve Unified Data Protection - Unauthenticated DoS in ASNative.dll

A denial of service vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in ASNative.dll. id: CVE-2024-0801 info: name: Arcserve Unified Data Protection - Unauthenticated DoS in ASNative.dll author: daffainfo severity: high description: | A denial of service vulnerability exists i...

7.5CVSS7AI score0.41843EPSS
Exploits1References2
nuclei
nuclei
added 10 hours ago19 views

QVIS NVR/DVR - Remote Code Execution

QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java deserialization. id: CVE-2021-41419 info: name: QVIS NVR/DVR - Remote Code Execution author: me9187 severity: critical description: | QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java...

9.8CVSS7.2AI score0.08517EPSS
Exploits1References2
nuclei
nuclei
added 10 hours ago55 views

Code-Projects School Fees Payment System 1.0 - SQL Injection

A vulnerability was found in code-projects School Fees Payment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

9.8CVSS6.7AI score0.017EPSS
Exploits1References5
nuclei
nuclei
added 10 hours ago64 views

JSONPath Plus < 10.3.0 - Remote Code Execution

Versions of the package jsonpath-plus before 10.3.0 are vulnerable to Remote Code Execution RCE due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of eval='safe' mode. Note: This is caused by an incomplete fix for...

9.8CVSS7.2AI score0.10224EPSS
Exploits8References5
nuclei
nuclei
added 10 hours ago31 views

Arcserve Unified Data Protection - Authentication Bypass

An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in the edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.EdgeLoginServiceImpl.doLogin function within wizardLogin. id: CVE-2024-0799 info: name: Arcserve Unified Data Protection -...

9.8CVSS7.1AI score0.04342EPSS
Exploits1References2
nuclei
nuclei
added 10 hours ago46 views

RiteCMS 3.0.0 - Cross-site Scripting

RiteCMS v3.0.0 contains a reflected XSS caused by unsanitized input in the mainmenu/editsection component, letting attackers execute arbitrary scripts in the context of the victim's browser. id: CVE-2024-28623 info: name: RiteCMS 3.0.0 - Cross-site Scripting author: 0xAkoko severity: medium...

6.1CVSS6.3AI score0.01317EPSS
Exploits4References2
nuclei
nuclei
added 10 hours ago45 views

AVTECH DVR - Login Verification Code Bypass

AVTECH DVR products are vulnerable to verification code bypass just by entering the "login=quick" parameter to bypass verification code. id: CVE-2013-4982 info: name: AVTECH DVR - Login Verification Code Bypass author: ritikchaddha severity: low description: | AVTECH DVR products are vulnerable t...

9.8CVSS7.1AI score0.13117EPSS
Exploits6References1
nuclei
nuclei
added 10 hours ago80 views

IPeakCMS 3.5 - SQL Injection

ipeak Infosystems ibexwebCMS 3.5 contains an unauthenticated Boolean-based SQL injection caused by unsanitized 'id' parameter in /cms/print.php, letting attackers execute arbitrary SQL commands, exploit requires no authentication. id: CVE-2021-3018 info: name: IPeakCMS 3.5 - SQL Injection author:...

9.8CVSS7.2AI score0.19506EPSS
Exploits3References3
nuclei
nuclei
added 10 hours ago59 views

XWiki Platform - Information Disclosure

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 6.1-milestone-2 through 16.10.6, configuration files are accessible through the webjars API. id: CVE-2025-55747 info: name: XWiki Platform - Information Disclosure author: Redmomn...

9.3CVSS7AI score0.01557EPSS
Exploits0References2
nuclei
nuclei
added 10 hours ago32 views

XiongMai uc-httpd 1.0.0 - Buffer Overflow

Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and attack vectors, a different vulnerability than CVE-2017-16725. id: CVE-2018-10088 info: name: XiongMai uc-httpd 1.0.0 - Buffer Overflow author: 0xAkoko severity: critical description: | Buffer overflow in XiongMai uc-httpd 1.0....

10CVSS7.1AI score0.40386EPSS
Exploits8References4
nuclei
nuclei
added 10 hours ago12 views

Lokomedia CMS - Local File Inclusion

A Local File Inclusion LFI vulnerability exists in Lokomedia CMS. The application allows an attacker to include files on the server that should not be accessible, potentially exposing sensitive information. id: CVE-2010-2018 info: name: Lokomedia CMS - Local File Inclusion author: r3Y3r53 severit...

5CVSS6.1AI score0.03258EPSS
Exploits1References3
nuclei
nuclei
added 10 hours ago12 views

Loan Management System 1.0 - SQL Injection

Loan Management System 1.0 contains a SQL injection vulnerability via the username parameter. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id: CVE-2025-9744 info: name:...

9.8CVSS7AI score0.01664EPSS
Exploits3References3
nuclei
nuclei
added 10 hours ago14 views

SquirrelMail Address Add 1.4.2 - Cross-Site Scripting

SquirrelMail Address Add 1.4.2 plugin contains a cross-site scripting vulnerability. It fails to properly sanitize user-supplied input, thus allowing an attacker to execute arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to...

4.3CVSS6.3AI score0.03436EPSS
Exploits2References2
nuclei
nuclei
added 10 hours ago73 views

SugarCRM - Unauthenticated Remote Code Execution via PHP Object Injection

A PHP object injection vulnerability exists in SugarCRM versions prior to 6.5.24, 6.7.13, 7.5.2.5, 7.6.2.2, and 7.7.1.0 due to improper validation of PHP serialized input in the SugarRestSerialize.php script. The vulnerable code fails to sanitize the restdata parameter before passing it to the...

9.3CVSS6.5AI score0.02971EPSS
Exploits0References5
nuclei
nuclei
added 10 hours ago24 views

Company Visitor Management System 1.0 - SQL Injection

Company Visitor Management System 1.0 contains a SQL injection vulnerability via the login page in the username parameter. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id...

9.8CVSS7AI score0.02351EPSS
Exploits1References3
nuclei
nuclei
added 10 hours ago15 views

OfficeWeb365 Indexs Interface - Arbitrary File Read

There is any file reading in the officeWeb365 Indexs interface. id: CVE-2024-37728 info: name: OfficeWeb365 Indexs Interface - Arbitrary File Read author: DhiyaneshDK severity: high description: | There is any file reading in the officeWeb365 Indexs interface. impact: | Unauthenticated attackers...

7.5CVSS6.1AI score0.01852EPSS
Exploits0References2
nuclei
nuclei
added 10 hours ago33 views

Trinity Audio <= 5.21.0 - Information Exposure

The Trinity Audio Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.21.0 via the /admin/inc/phpinfo.php file that gets created on install. This makes it possible for...

5.3CVSS6.1AI score0.00937EPSS
Exploits1References2
nuclei
nuclei
added 10 hours ago9 views

Karel IP Phone IP1211 Web Management Panel - Local File Inclusion

Karel IP Phone IP1211 Web Management Panel is vulnerable to local file inclusion and can allow remote attackers to access arbitrary files stored on the remote device via the 'cgiServer.exx' endpoint and the 'page' parameter. id: CVE-2025-34023 info: name: Karel IP Phone IP1211 Web Management Pane...

8.5CVSS6.2AI score0.01441EPSS
Exploits0References3
nuclei
nuclei
added 10 hours ago68 views

Contact Form 7 Drag and Drop Multiple File Upload - Arbitrary File Upload

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 1.3.8.9. This makes it possible for unauthenticated attackers to bypass the plugin's blacklist and...

9.8CVSS6.6AI score0.0509EPSS
Exploits2References3
nuclei
nuclei
added 10 hours ago18 views

Sassy Social Share <= 3.3.3 - Cross-Site Scripting

The Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'urls' parameter called via the 'heateorssssharingcount' AJAX action in versions up to, and including, 3.3.3 due to insufficient input sanitization and output escaping. This makes it possible for...

6.1CVSS6.2AI score0.1544EPSS
Exploits1References3
nuclei
nuclei
added 10 hours ago19 views

WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation

Privilege escalation vulnerability exists in the Frontend Login and Registration Blocks plugin for WordPress versions = 1.0.7. An unauthenticated attacker can exploit the AJAX endpoint flrblocksusersettingshandleajaxcallback to change the administrator's email address. Subsequently, the attacker...

9.8CVSS7AI score0.06441EPSS
Exploits4References5
nuclei
nuclei
added 10 hours ago25 views

Hunk Companion < 1.9.0 - Unauthenticated Plugin Installation

The plugin does not correctly authorize some REST API endpoints, allowing unauthenticated requests to install and activate arbitrary plugins from the WordPress.org repo, including vulnerable plugins that have been closed. id: CVE-2024-11972 info: name: Hunk Companion 1.9.0 - Unauthenticated Plugi...

9.8CVSS7.2AI score0.54754EPSS
Exploits5References4
nuclei
nuclei
added 10 hours ago12 views

Registrations for The Events Calendar < 2.7.5 - Authenticated Reflected Cross-Site Scripting

The Registrations for the Events Calendar WordPress plugin before 2.7.5 does not escape the v parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting id: CVE-2021-24876 info: name: Registrations for The Events Calendar 2.7.5 - Authenticated Reflected...

6.1CVSS6.4AI score0.01165EPSS
Exploits2References2
nuclei
nuclei
added 10 hours ago23 views

Memos 0.13.2 - Server-Side Request Forgery

SSRF vulnerabilities exist in the memos API service /o/get/httpmeta that allow unauthenticated and authenticated users to enumerate and read from the internal network. In addition, one SSRF vulnerability leads to a reflected XSS vulnerability, which may allow an attacker complete control over the...

5.8CVSS6.3AI score0.01049EPSS
Exploits1References2
nuclei
nuclei
added 10 hours ago22 views

Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit - Broken Access Control

The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the installoractivateaddonplugins function and a weak nonce hash in all...

9.8CVSS6.1AI score0.02904EPSS
Exploits0References3
nuclei
nuclei
added 10 hours ago60 views

WAVLINK WN579X3 - Remote Command Execution

Remote Command Execution vulnerability in WAVLINK WN579X3 routers via pingIp parameter in /cgi-bin/adm.cgi. id: CVE-2023-3380 info: name: WAVLINK WN579X3 - Remote Command Execution author: pussycat0x severity: critical description: | Remote Command Execution vulnerability in WAVLINK WN579X3 route...

9.8CVSS6.4AI score0.0388EPSS
Exploits1References3
nuclei
nuclei
added 10 hours ago177 views

Docassemble - Local File Inclusion

Docassemble is an expert system for guided interviews and document assembly. The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. The vulnerability has been patched in version 1.4.97 of the mast...

7.5CVSS6.9AI score0.69486EPSS
Exploits2References3
nuclei
nuclei
added 10 hours ago168 views

WordPress HTML5 Video Player < 2.5.27 - SQL Injection

The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks id: CVE-2024-5522 info: name: WordPress HTML5 Video Player 2.5.27 - SQL Injection...

6.5CVSS6.1AI score0.02618EPSS
Exploits6References2
nuclei
nuclei
added 10 hours ago90 views

Smart s200 Management Platform v.S200 - SQL Injection

SQL Injection vulnerability in Baizhuo Network Smart s200 Management Platform v.S200 allows a local attacker to obtain sensitive information and escalate privileges via the /importexport.php component. id: CVE-2024-27718 info: name: Smart s200 Management Platform v.S200 - SQL Injection author:...

7.8CVSS6.1AI score0.01101EPSS
Exploits0References1
nuclei
nuclei
added 10 hours ago85 views

Fujian Kelixin Communication - Command Injection

A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 and classified as critical. Affected by this issue is some unknown functionality of the file api/client/user/pwdupdate.php. id: CVE-2024-2621 info: name: Fujian Kelixin Communication - Command...

9.8CVSS6.5AI score0.0194EPSS
Exploits0References6
nuclei
nuclei
added 10 hours ago110 views

CrateDB Database - Arbitrary File Read

CrateDB is a distributed SQL database that makes it simple to store and analyze massive amounts of data in real-time. There is a COPY FROM function in the CrateDB database that is used to import file data into database tables. This function has a flaw, and authenticated attackers can use the COPY...

6.5CVSS6.7AI score0.03084EPSS
Exploits1
nuclei
nuclei
added 10 hours ago67 views

D-LINK DIR-845L bsc_sms_inbox.php file - Information Disclosure

D-LINK DIR-845L DEVICE.ACCOUNT" - "" condition: and - type: status status: - 200 digest: 4b0a00483046022100ca1685d3f17e0a951d880a86476e82a175e93566cdb22309d23c130f0de689fa0...

5.3CVSS6.1AI score0.03419EPSS
Exploits1References2
nuclei
nuclei
added 10 hours ago50 views

XWiki >= 2.5-milestone-2 - Cross-Site Scripting

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page XSS. It's possible to exploit the resubmit template to perform a XSS, e.g. by using URL such as:...

9.6CVSS6.3AI score0.02268EPSS
Exploits0References2
nuclei
nuclei
added 10 hours ago51 views

XWiki >= 6.0-rc-1 - Cross-Site Scripting

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page XSS. It's possible to exploit the delete template to perform a XSS, e.g. by using URL such as:...

9.6CVSS6.4AI score0.02081EPSS
Exploits0References2
nuclei
nuclei
added 10 hours ago46 views

Web Directory Free < 1.7.0 - SQL Injection

The plugin does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection with different techniques like UNION, Time-Based and Error-Based. id: CVE-2024-3552 info: name: Web Directory Free 1.7.0 - SQL...

9.8CVSS6.1AI score0.67288EPSS
Exploits4References2
nuclei
nuclei
added 10 hours ago54 views

XWiki < 14.10.14 - Cross-Site Scripting

XWiki is vulnerable to reflected cross-site scripting RXSS via the rev parameter that is used in the content of the content menu without escaping. If an attacker can convince a user to visit a link with a crafted parameter, this allows the attacker to execute arbitrary actions in the name of the...

9.6CVSS6.8AI score0.02191EPSS
Exploits1References2
nuclei
nuclei
added 10 hours ago75 views

XWiki < 14.10.14 - Cross-Site Scripting

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When document names are validated according to a name strategy disabled by default, XWiki starting in version 12.0-rc-1 and prior to versions 12.10.12 and 15.5-rc-1 is vulnerable to a reflecte...

9.6CVSS7.2AI score0.05124EPSS
Exploits1References2
nuclei
nuclei
added 10 hours ago43 views

XWiki < 14.10.5 - Cross-Site Scripting

XWiki Platform is vulnerable to reflected XSS via the previewactions template. An attacker can inject JavaScript through the xcontinue parameter. id: CVE-2023-35162 info: name: XWiki 14.10.5 - Cross-Site Scripting author: ritikchaddha severity: medium description: | XWiki Platform is vulnerable t...

9.6CVSS6.4AI score0.02377EPSS
Exploits0References3
nuclei
nuclei
added 10 hours ago117 views

Microweber < 1.2.11 - CRLF Injection

CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11. id: CVE-2022-0666 info: name: Microweber 1.2.11 - CRLF Injection author: ritikchaddha severity: high description: | CRLF Injection leads to Sta...

7.6CVSS6.9AI score0.44259EPSS
Exploits1References3
nuclei
nuclei
added 10 hours ago85 views

XWiki < 4.10.15 - Information Disclosure

The Solr-based search suggestion provider that also duplicates as generic JavaScript API for search results in XWiki exposes the content of all documents of all wikis to anybody who has access to it, by default it is public. This exposes all information stored in the wiki but not some protected...

7.5CVSS7AI score0.7282EPSS
Exploits0
nuclei
nuclei
added 10 hours ago72 views

EyouCms v1.6.3 - Information Disclosure

EyouCms v1.6.3 was discovered to contain an information disclosure vulnerability via the component /custommodelpath/recruit.filelist.txt. id: CVE-2023-37645 info: name: EyouCms v1.6.3 - Information Disclosure author: pussycat0x severity: medium description: | EyouCms v1.6.3 was discovered to...

5.3CVSS6.1AI score0.23827EPSS
Exploits1References1
nuclei
nuclei
added 10 hours ago72 views

XWiki - Open Redirect

XWiki Platform is vulnerable to open redirect attacks due to improper validation of the xredirect parameter. This allows an attacker to redirect users to an arbitrary website. The vulnerability is patched in versions 14.10.4 and 15.0. id: CVE-2023-32068 info: name: XWiki - Open Redirect author:...

6.1CVSS6.5AI score0.5507EPSS
Exploits0References2
nuclei
nuclei
added 10 hours ago82 views

Exrick XMall - SQL Injection

XMall v1.1 was discovered to contain a SQL injection vulnerability via the 'orderDir' parameter. id: CVE-2024-24112 info: name: Exrick XMall - SQL Injection author: DhiyaneshDk severity: critical description: | XMall v1.1 was discovered to contain a SQL injection vulnerability via the 'orderDir'...

9.8CVSS7.1AI score0.03348EPSS
Exploits1References2
nuclei
nuclei
added 10 hours ago110 views

Smart S210 Management Platform - Arbitary File Upload

A vulnerability has been found in Byzoro Smart S210 Management Platform up to 20240117 and classified as critical. This vulnerability affects unknown code of the file /Tool/uploadfile.php. The manipulation of the argument fileupload leads to unrestricted upload. id: CVE-2024-0939 info: name: Smar...

9.8CVSS6.5AI score0.43777EPSS
Exploits1References5
nuclei
nuclei
added 10 hours ago49 views

XWiki < 4.10.15 - Email Disclosure

The Solr-based search in XWiki discloses the email addresses of users even when obfuscation of email addresses is enabled. To demonstrate the vulnerability, search for objcontent:email using XWiki's regular search interface. id: CVE-2023-50720 info: name: XWiki 4.10.15 - Email Disclosure author:...

5.3CVSS6.2AI score0.59119EPSS
Exploits0References2
nuclei
nuclei
added 10 hours ago39 views

Payment Gateway for Telcell < 2.0.4 - Open Redirect

The plugin does not validate the apiurl parameter before redirecting the user to its value, leading to an Open Redirect issue id: CVE-2023-6786 info: name: Payment Gateway for Telcell 2.0.4 - Open Redirect author: s4e-io severity: medium description: | The plugin does not validate the apiurl...

6.1CVSS6.1AI score0.00464EPSS
Exploits2References2
nuclei
nuclei
added 10 hours ago27 views

Prime Mover < 1.9.3 - Sensitive Data Exposure

Prime Mover plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.2 via directory listing in the 'prime-mover-export-files/1/' folder. This makes it possible for unauthenticated attackers to extract sensitive data including site and...

7.5CVSS6.9AI score0.39867EPSS
Exploits1References3
nuclei
nuclei
added 10 hours ago38 views

MLFlow < 2.8.1 - Sensitive Information Disclosure

An issue in MLFlow versions 2.8.1 and before allows a remote attacker to obtain sensitive information via a crafted request to REST API. id: CVE-2023-43472 info: name: MLFlow 2.8.1 - Sensitive Information Disclosure author: ritikchaddha severity: high description: | An issue in MLFlow versions...

7.5CVSS7AI score0.36582EPSS
Exploits1References2
nuclei
nuclei
added 10 hours ago71 views

SuperWebMailer - Cross-Site Scripting

An issue was discovered in SuperWebMailer 9.00.0.01710 that allows keepalive.php XSS via a GET parameter. id: CVE-2023-38194 info: name: SuperWebMailer - Cross-Site Scripting author: ritikchaddha severity: medium description: | An issue was discovered in SuperWebMailer 9.00.0.01710 that allows...

6.1CVSS6.4AI score0.0114EPSS
Exploits1References2
nuclei
nuclei
added 10 hours ago77 views

Relevanssi (A Better Search) <= 4.22.0 - Query Log Export

The Relevanssi Search plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in all versions up to, and including, 4.22.0. This makes it possible for unauthenticated attackers to export the query log data. id: CVE-2024-1380 info: name: Relevanssi A...

5.3CVSS6.7AI score0.50192EPSS
Exploits0References3
Total number of security vulnerabilities4146