Lucene search
+L
NucleiRecent

4146 matches found

nuclei
nuclei
added 6 hours ago60 views

MooDating 1.2 - Cross-Site scripting

A vulnerability classified as problematic was found in mooSocial mooDating 1.2. This vulnerability affects unknown code of the file /users of the component URL Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. id: CVE-2023-3847 info: name: MooDating 1....

6.1CVSS4.5AI score0.03648EPSS
Exploits4References5
nuclei
nuclei
added 6 hours ago973 views

Embedded JavaScript(EJS) 3.1.6 - Template Injection

ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration settings of the closeDelimiter parameter. id: CVE-2023-29827 info: name: Embedded JavaScriptEJS 3.1.6 - Template Injection author:...

9.8CVSS7AI score0.05552EPSS
Exploits1References3
nuclei
nuclei
added 6 hours ago191 views

qdPM 9.2 - Directory Traversal

qdPM 9.2 allows Directory Traversal to list files and directories by navigating to the /uploads URI. id: CVE-2023-45855 info: name: qdPM 9.2 - Directory Traversal author: DhiyaneshDk severity: high description: | qdPM 9.2 allows Directory Traversal to list files and directories by navigating to t...

7.5CVSS7AI score0.0333EPSS
Exploits1References3
nuclei
nuclei
added 6 hours ago112 views

Github Enterprise Authenticated Remote Code Execution

An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. To exploit this bug, an actor would need to be logged into an account on the...

9.8CVSS7.3AI score0.71725EPSS
Exploits1References5
nuclei
nuclei
added 6 hours ago134 views

RaidenMAILD Mail Server v.4.9.4 - Path Traversal

Directory Traversal vulnerability in RaidenMAILD Mail Server v.4.9.4 and before allows a remote attacker to obtain sensitive information via the /webeditor/ component. id: CVE-2024-32399 info: name: RaidenMAILD Mail Server v.4.9.4 - Path Traversal author: DhiyaneshDK severity: high description: |...

7.6CVSS7.1AI score0.0316EPSS
Exploits0References5
nuclei
nuclei
added 6 hours ago65 views

Gradio - Server Side Request Forgery

An SSRF Server-Side Request Forgery vulnerability exists in the gradio-app/gradio repository, allowing attackers to scan and identify open ports within an internal network. By manipulating the 'file' parameter in a GET request, an attacker can discern the status of internal ports based on the...

6.5CVSS6.7AI score0.01784EPSS
Exploits1References2
nuclei
nuclei
added 6 hours ago52 views

SuperWebMailer 9.31.0.01799 - Cross-Site Scripting

SuperWebMailer v9.31.0.01799 was discovered to contain a reflected cross-site scripting XSS vulenrability via the component api.php. id: CVE-2024-24131 info: name: SuperWebMailer 9.31.0.01799 - Cross-Site Scripting author: DhiyaneshDK severity: medium description: | SuperWebMailer v9.31.0.01799 w...

6.1CVSS6.3AI score0.00924EPSS
Exploits1References2
nuclei
nuclei
added 6 hours ago113 views

EventON (Free < 2.2.8, Premium < 4.5.5) - Information Disclosure

The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorization in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the blog. id: CVE-2024-0235 info: name: EventON Free 2.2.8, Premium 4.5.5 - Information Disclosu...

5.3CVSS6.2AI score0.37957EPSS
Exploits3References3
nuclei
nuclei
added 6 hours ago185 views

Netmaker - Hardcoded DNS Secret Key

Netmaker makes networks with WireGuard. Prior to versions 0.17.1 and 0.18.6, hardcoded DNS key usage has been found in Netmaker allowing unauth users to interact with DNS API endpoints. id: CVE-2023-32077 info: name: Netmaker - Hardcoded DNS Secret Key author: iamnoooob,rootxharsh,pdresearch...

7.5CVSS6.8AI score0.03147EPSS
Exploits0
nuclei
nuclei
added 6 hours ago78 views

Modoboa < 2.1.0 - Improper Authorization

Improper Authorization in GitHub repository modoboa/modoboa prior to 2.1.0. id: CVE-2023-2227 info: name: Modoboa 2.1.0 - Improper Authorization author: ritikchaddha,princechaddha severity: critical description: | Improper Authorization in GitHub repository modoboa/modoboa prior to 2.1.0. impact:...

9.1CVSS7AI score0.43756EPSS
Exploits1References3
nuclei
nuclei
added 6 hours ago58 views

mooSocial v.3.1.8 - Cross-Site Scripting

A cross-site Scripting XSS vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code by sending a crafted payload to the adminredirecturl parameter of the user login function. id: CVE-2023-44812 info: name: mooSocial v.3.1.8 - Cross-Site Scripting author: ritikchaddha...

6.1CVSS6.6AI score0.01897EPSS
Exploits2References3
nuclei
nuclei
added 6 hours ago246 views

Avada < 7.11.7 - Information Disclosure

The Avada theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.11.6 via the '/wp-content/uploads/fusion-forms/' directory. This makes it possible for unauthenticated attackers to extract sensitive data uploaded via an Avada created form with ...

5.3CVSS7AI score0.27997EPSS
Exploits1References4
nuclei
nuclei
added 6 hours ago64 views

WordPress Toolbar <= 2.2.6 - Open Redirect

The plugin redirects to any URL via the "wptbto" parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action. id: CVE-2023-6389 info: name: WordPress Toolbar = 2.2.6 - Open Redirect...

6.1CVSS6.7AI score0.25679EPSS
Exploits2References2
nuclei
nuclei
added 6 hours ago94 views

osCommerce v4.0 - Cross-site Scripting

A vulnerability, which was classified as problematic, was found in osCommerce 4. Affected is an unknown function of the file /catalog/all-products. The manipulation of the argument cat leads to cross site scripting. It is possible to launch the attack remotely. id: CVE-2024-4348 info: name:...

5CVSS4.7AI score0.01828EPSS
Exploits1References5
nuclei
nuclei
added 6 hours ago67 views

Combo Blocks < 2.2.76 - Improper Access Control

The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel WordPress plugin before 2.2.76 does not prevent password protected posts from being displayed in the result of some unauthenticated AJAX actions, allowing unauthenticated users to read such posts id:...

5.4CVSS6.1AI score0.16906EPSS
Exploits2References3
nuclei
nuclei
added 6 hours ago183 views

Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE

The Import XML and RSS Feeds WordPress plugin before 2.1.5 allows unauthenticated attackers to execute arbitrary commands via a web shell. id: CVE-2023-4521 info: name: Import XML and RSS Feeds 2.1.5 - Unauthenticated RCE author: princechaddha severity: critical description: The Import XML and RS...

9.8CVSS7.2AI score0.39294EPSS
Exploits2References1
nuclei
nuclei
added 6 hours ago70 views

eyoucms v.1.6.5 - Cross-Site Scripting

Cross Site Scripting XSS vulnerability in the func parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL. id: CVE-2024-22927 info: name: eyoucms v.1.6.5 - Cross-Site Scripting author: ritikchaddha severity: medium description: | Cross Site Scripting XSS...

6.1CVSS6.6AI score0.01028EPSS
Exploits1References2
nuclei
nuclei
added 6 hours ago195 views

MasterStudy LMS <= 3.3.3 - Unauthenticated Local File Inclusion via template

The MasterStudy LMS plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.3 via the 'template' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP cod...

9.8CVSS7.4AI score0.05018EPSS
Exploits0References5
nuclei
nuclei
added 6 hours ago252 views

Wordpress Email Subscribers by Icegram Express - SQL Injection

The Email Subscribers by Icegram Express - Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'run' function of the 'IGESSubscribersQuery' class in all versions up to, and including, 5.7.14 due to insufficient escaping ...

9.8CVSS7.1AI score0.80596EPSS
Exploits4References2
nuclei
nuclei
added 6 hours ago277 views

JetBrains TeamCity > 2023.11.3 - Authentication Bypass

In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible id: CVE-2024-23917 info: name: JetBrains TeamCity 2023.11.3 - Authentication Bypass author: iamnoooob,rootxharsh,pdresearch severity: critical description: | In JetBrains TeamCity before 2023.11.3...

9.8CVSS7.1AI score0.5373EPSS
Exploits0References2
nuclei
nuclei
added 6 hours ago179 views

Change Detection - Server Side Template Injection

A Server Side Template Injection in changedetection.io caused by usage of unsafe functions of Jinja2 allows Remote Command Execution on the server host. id: CVE-2024-32651 info: name: Change Detection - Server Side Template Injection author: edoardottt severity: critical description: | A Server...

10CVSS7.1AI score0.83722EPSS
Exploits5References4
nuclei
nuclei
added 6 hours ago61 views

Shield Security WP Plugin <= 18.5.9 - Local File Inclusion

The Shield Security Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 18.5.9 via the renderactiontemplate parameter. This makes it possible for unauthenticated attacker to include and execute PHP fil...

9.8CVSS7.2AI score0.56567EPSS
Exploits0References3
nuclei
nuclei
added 6 hours ago85 views

CData Arc < 23.4.8839 - Path Traversal

A path traversal vulnerability exists in the Java version of CData Arc 23.4.8839 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions. id: CVE-2024-31850 info: name: CData Arc 23.4.88...

9.8CVSS7.1AI score0.08151EPSS
Exploits1References3
nuclei
nuclei
added 6 hours ago109 views

CData Sync < 23.4.8843 - Path Traversal

A path traversal vulnerability exists in the Java version of CData Sync CData - Sync' - r...

8.6CVSS7AI score0.02885EPSS
Exploits0References2
nuclei
nuclei
added 6 hours ago406 views

Magento - SQL Injection

An unauthenticated user can execute SQL statements that allow arbitrary read access to the underlying database, which causes sensitive data leakage. id: CVE-2019-7139 info: name: Magento - SQL Injection author: MaStErChO severity: critical description: | An unauthenticated user can execute SQL...

9.8CVSS7.2AI score0.1545EPSS
Exploits2References5
nuclei
nuclei
added 6 hours ago87 views

WordPress Plugin Aviary Image Editor Addon For Gravity Forms 3.0 Beta - Arbitrary File Upload

Unrestricted file upload vulnerability in includes/upload.php in the Aviary Image Editor Add-on For Gravity Forms plugin 3.0 beta for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in...

9.8CVSS7.3AI score0.40595EPSS
Exploits3References3
nuclei
nuclei
added 6 hours ago89 views

Academy LMS 6.0 - Cross-Site Scripting

Creative Item Academy LMS 6.0 was discovered to contain a cross-site scripting XSS vulnerability through query parameter. id: CVE-2023-38964 info: name: Academy LMS 6.0 - Cross-Site Scripting author: ritikchaddha severity: medium description: | Creative Item Academy LMS 6.0 was discovered to...

6.1CVSS6.4AI score0.01056EPSS
Exploits1References2
nuclei
nuclei
added 6 hours ago180 views

CData Connect < 23.4.8846 - Path Traversal

A path traversal vulnerability exists in the Java version of CData Connect 23.4.8846 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain complete administrative access to the application. id: CVE-2024-31849 info: name: CData Connect 23.4.8846...

9.8CVSS7.1AI score0.08151EPSS
Exploits1References5
nuclei
nuclei
added 6 hours ago48 views

Active Directory Integration WP Plugin < 4.1.10 - Log Disclosure

The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so. id:...

7.5CVSS7AI score0.25855EPSS
Exploits2References2
nuclei
nuclei
added 6 hours ago154 views

PrestaShop Step by Step products Pack - SQL Injection

In the module “Step by Step products Pack” ndksteppingpack up to 1.5.6 from NDK Design for PrestaShop, a guest can perform SQL injection in affected versions. id: CVE-2023-46347 info: name: PrestaShop Step by Step products Pack - SQL Injection author: MaStErChO severity: critical description: | I...

9.8CVSS7AI score0.49885EPSS
Exploits0References2
nuclei
nuclei
added 6 hours ago90 views

PrestaShop PireosPay - SQL Injection

In the module “PireosPay” pireospay up to version 1.7.9 from 01generator.com for PrestaShop, a guest can perform SQL injection in affected versions. id: CVE-2023-45375 info: name: PrestaShop PireosPay - SQL Injection author: MaStErChO severity: high description: | In the module “PireosPay”...

8.8CVSS7AI score0.38457EPSS
Exploits1References2
nuclei
nuclei
added 6 hours ago192 views

PrestaShop AdvancedPopupCreator - SQL Injection

In the module “Advanced Popup Creator” advancedpopupcreator from Idnovate for PrestaShop, a guest can perform SQL injection in affected versions. id: CVE-2023-27032 info: name: PrestaShop AdvancedPopupCreator - SQL Injection author: MaStErChO severity: critical description: | In the module...

9.8CVSS7AI score0.0304EPSS
Exploits0References2
nuclei
nuclei
added 6 hours ago61 views

VertaAI ModelDB - Path Traversal

The endpoint "/api/v1/artifact/getArtifact?artifactpath=" is vulnerable to path traversal. The main cause of this vulnerability is due to the lack of validation and sanitization of the artifactpath parameter. id: CVE-2023-6023 info: name: VertaAI ModelDB - Path Traversal author:...

8.6CVSS7AI score0.02999EPSS
Exploits1References2
nuclei
nuclei
added 6 hours ago99 views

Apache Solr - Host Environment Variables Leak via Metrics API

Exposure of Sensitive Information to an Unauthorized Actor Vulnerability in Apache Solr. The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users can specify which environment variables to hide, however, the default list is designed to wor...

6.5CVSS6.6AI score0.68665EPSS
Exploits0References5
nuclei
nuclei
added 6 hours ago118 views

MajorDoMo thumb.php - OS Command Injection

MajorDoMo aka Major Domestic Module before 0662e5e allows command execution via thumb.php shell metacharacters. NOTE: this is unrelated to the Majordomo mailing-list manager. id: CVE-2023-50917 info: name: MajorDoMo thumb.php - OS Command Injection author: DhiyaneshDK severity: critical...

9.8CVSS7.1AI score0.38263EPSS
Exploits6References5
nuclei
nuclei
added 6 hours ago121 views

Anyscale Ray 2.6.3 and 2.8.0 - Server-Side Request Forgery

The Ray Dashboard API is affected by a Server-Side Request Forgery SSRF vulnerability in the url parameter of the /logproxy API endpoint. The API does not perform sufficient input validation within the affected parameter and any HTTP or HTTPS URLs are accepted as valid. id: CVE-2023-48023 info:...

9.1CVSS7AI score0.35052EPSS
Exploits1References4
nuclei
nuclei
added 6 hours ago90 views

SuiteCRM Unauthenticated Graphql Introspection

Graphql Introspection is enabled without authentication, exposing the scheme defining all object types, arguments, and functions. id: CVE-2023-47643 info: name: SuiteCRM Unauthenticated Graphql Introspection author: isacaya severity: medium description: | Graphql Introspection is enabled without...

5.3CVSS6.2AI score0.03002EPSS
Exploits1References3
nuclei
nuclei
added 6 hours ago147 views

Label Studio - Cross-Site Scripting

Versions prior to 1.9.2 have a cross-site scripting XSS vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as a HTML file on the website. id: CVE-2023-47115 info: name: Label Studio - Cross-Site Scripting author: isaca...

7.1CVSS6.6AI score0.01448EPSS
Exploits1References5
nuclei
nuclei
added 6 hours ago181 views

ManageEngine OpManager - Directory Traversal

A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability. id: CVE-2023-47211 info: name: ManageEngine...

9.1CVSS7.1AI score0.47024EPSS
Exploits1References3
nuclei
nuclei
added 6 hours ago331 views

Ivanti Connect Secure - XXE

Ivanti Connect Secure is vulnerable to XXE XML External Entity injection. id: CVE-2024-22024 info: name: Ivanti Connect Secure - XXE author: watchTowr severity: high description: | Ivanti Connect Secure is vulnerable to XXE XML External Entity injection. impact: | Successful exploitation of this...

8.3CVSS7.1AI score0.94721EPSS
Exploits1References2
nuclei
nuclei
added 6 hours ago121 views

Essential Blocks < 4.4.3 - Local File Inclusion

Wordpress Essential Blocks plugin prior to 4.4.3 was discovered to be vulnerable to a significant Local File Inclusion vulnerability that may be exploited by any attacker, regardless of whether they have an account on the site. id: CVE-2023-6623 info: name: Essential Blocks 4.4.3 - Local File...

9.8CVSS7AI score0.50673EPSS
Exploits2References3
nuclei
nuclei
added 6 hours ago76 views

pyLoad Flask Config - Access Control

pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the SECRETKEY variable. This issue has been patched in version 0.5.0b3.dev77. id: CVE-2024-21644 info: name: pyLoad Flask Config ...

7.5CVSS6.9AI score0.42173EPSS
Exploits1References5
nuclei
nuclei
added 6 hours ago180 views

pyload - Log Injection

A log injection vulnerability was identified in pyload. This vulnerability allows any unauthenticated actor to inject arbitrary messages into the logs gathered by pyload. id: CVE-2024-21645 info: name: pyload - Log Injection author: isacaya severity: medium description: | A log injection...

5.3CVSS6.3AI score0.24513EPSS
Exploits1References3
nuclei
nuclei
added 6 hours ago116 views

OpenCMS 14 & 15 - Cross Site Scripting

Cross-site scripting XSS vulnerability in Alkacon Software Open CMS, affecting versions 14 and 15 of the 'Mercury' template. id: CVE-2023-6379 info: name: OpenCMS 14 & 15 - Cross Site Scripting author: msegoviag severity: medium description: | Cross-site scripting XSS vulnerability in Alkacon...

6.1CVSS6.4AI score0.01752EPSS
Exploits0References5
nuclei
nuclei
added 6 hours ago130 views

WordPress My Calendar <3.4.22 - SQL Injection

WordPress My Calendar plugin versions before 3.4.22 are vulnerable to an unauthenticated SQL injection within the 'from' and 'to' parameters of the '/my-calendar/v1/events' REST route. id: CVE-2023-6360 info: name: WordPress My Calendar 3.4.22 - SQL Injection author: xxcdd severity: critical...

9.8CVSS7.1AI score0.63141EPSS
Exploits1References5
nuclei
nuclei
added 6 hours ago178 views

WP Fastest Cache 1.2.2 - SQL Injection

The WP Fastest Cache WordPress plugin before 1.2.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users. id: CVE-2023-6063 info: name: WP Fastest Cache 1.2.2 - SQL Injection author: DhiyaneshDK...

7.5CVSS7AI score0.73708EPSS
Exploits11References5
nuclei
nuclei
added 6 hours ago208 views

Winter CMS Local File Inclusion - (LFI)

Winter is a free, open-source content management system. Users with access to backend forms that include a ColorPicker FormWidget can provide a value that would then be included without further processing in the compilation of custom stylesheets via LESS. This had the potential to lead to a Local...

5.4CVSS6.1AI score0.30166EPSS
Exploits0References2
nuclei
nuclei
added 6 hours ago262 views

WordPress HTML5 Video Player - SQL Injection

WordPress HTML5 Video Player plugin is vulnerable to SQL injection. An unauthenticated attacker can exploit this vulnerability to perform SQL injection attacks. id: CVE-2024-1061 info: name: WordPress HTML5 Video Player - SQL Injection author: xxcdd severity: critical description: | WordPress HTM...

9.8CVSS7AI score0.11215EPSS
Exploits1References5
nuclei
nuclei
added 6 hours ago143 views

Likeshop < 2.5.7.20210311 - Arbitrary File Upload

A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument file with an...

9.8CVSS6.8AI score0.70688EPSS
Exploits1References5
nuclei
nuclei
added 6 hours ago32 views

Mlflow <2.8.0 - Local File Inclusion

Mlflow before 2.8.0 is susceptible to local file inclusion due to path traversal in GitHub repository mlflow/mlflow. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2023-6977...

10CVSS7.1AI score0.03924EPSS
Exploits2References2
Total number of security vulnerabilities4146