Lucene search
+L
NucleiRecent

4146 matches found

nuclei
nuclei
•added 6 hours ago•76 views

Repetier Server - Directory Traversal

Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php. id: CVE-2023-31059 info: name: Repetier Server - Directory Traversal author: parthmalhotra,pdresearch severity: high description: | Repetier Server...

7.5CVSS7AI score0.05574EPSS
Exploits2References2
nuclei
nuclei
•added 6 hours ago•138 views

Ghost CMS < 5.42.1 - Path Traversal

Ghost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2F..%2F..%2F/ directory traversal. This occurs in frontend/web/middleware/static-theme.js. id: CVE-2023-32235 info: name: Ghost CMS 5.42.1 - Path Traversal author: j3ssie severit...

7.5CVSS7.1AI score0.39078EPSS
Exploits3References4
nuclei
nuclei
•added 6 hours ago•76 views

Steveas WP Live Chat Shoutbox <= 1.4.2 - SQL Injection

The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. id: CVE-2023-1020 info: name: Steveas WP Live Chat Shoutbox = 1.4.2 - SQL...

9.8CVSS7.1AI score0.0499EPSS
Exploits2References3
nuclei
nuclei
•added 6 hours ago•106 views

OURPHP <= 7.2.0 - Cross Site Scripting

OURPHP alertdocument.domain" matchers-condition: and matchers: - type: word part: body words: - "alertdocument.domain...

6.1CVSS6.4AI score0.01173EPSS
Exploits1References3
nuclei
nuclei
•added 6 hours ago•51 views

OURPHP <= 7.2.0 - Cross Site Scripting

OURPHP a...

6.1CVSS6.4AI score0.08115EPSS
Exploits9References5
nuclei
nuclei
•added 6 hours ago•75 views

Mlflow <2.3.0 - Local File Inclusion

Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1. id: CVE-2023-2356 info: name: Mlflow 2.3.0 - Local File Inclusion author: Co5mos severity: high description: | Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1. impact: | Successful exploitation...

10CVSS7AI score0.04119EPSS
Exploits1References5
nuclei
nuclei
•added 6 hours ago•91 views

cPanel < 11.109.9999.116 - Cross-Site Scripting

An issue was discovered in cPanel before 11.109.9999.116. Cross Site Scripting can occur on the cpsrvd error page via an invalid webcall ID. id: CVE-2023-29489 info: name: cPanel 11.109.9999.116 - Cross-Site Scripting author: DhiyaneshDk,0xKayala severity: medium description: | An issue was...

6.1CVSS6.5AI score0.65533EPSS
Exploits7References5
nuclei
nuclei
•added 6 hours ago•102 views

VMware Aria Operations for Logs - Unauthenticated Remote Code Execution

VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root. id: CVE-2023-20864 info: name: VMware Aria Operations for Logs - Unauthenticated Remo...

9.8CVSS7.4AI score0.70423EPSS
Exploits0References3
nuclei
nuclei
•added 6 hours ago•132 views

Simple URLs < 115 - Cross Site Scripting

The plugin does not sanitise and escape some parameters before outputting them back in some pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. id: CVE-2023-0099 info: name: Simple URLs 115 - Cross Site Scripting author: r3Y3r53 severit...

6.1CVSS6.4AI score0.01726EPSS
Exploits6References5
nuclei
nuclei
•added 6 hours ago•74 views

ATutor < 2.2.1 - Cross Site Scripting

ATutor 2.2.1 was discovered with a vulnerability, a reflected cross-site scripting XSS, in ATtutor 2.2.1 via token body parameter. id: CVE-2023-27008 info: name: ATutor 2.2.1 - Cross Site Scripting author: r3Y3r53 severity: medium description: | ATutor 2.2.1 was discovered with a vulnerability, a...

6.1CVSS6.4AI score0.01499EPSS
Exploits1References3
nuclei
nuclei
•added 6 hours ago•31 views

GDidees CMS v3.9.1 - Arbitrary File Download

GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /admin/imgdownload.php. id: CVE-2023-27179 info: name: GDidees CMS v3.9.1 - Arbitrary File Download author: theamanrawat severity: high description: | GDidees CMS v3.9.1 a...

7.5CVSS7AI score0.60793EPSS
Exploits4References5
nuclei
nuclei
•added 6 hours ago•35 views

SecurePoint UTM 12.x Session ID Leak

An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows sessionid information disclosure via an invalid authentication attempt. This can afterwards be used to bypass the device's authentication and get access to the administrative interface. id:...

7.5CVSS7AI score0.03888EPSS
Exploits4References5
nuclei
nuclei
•added 6 hours ago•48 views

Securepoint UTM - Leaking Remote Memory Contents

An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows information disclosure of memory contents to be achieved by an authenticated user. Essentially, uninitialized data can be retrieved via an approach in which a sessionid is obtained but not use...

6.5CVSS6.8AI score0.04074EPSS
Exploits4References5
nuclei
nuclei
•added 6 hours ago•38 views

Appwrite <=1.2.1 - Server-Side Request Forgery

Appwrite through 1.2.1 is susceptible to server-side request forgery via the component /v1/avatars/favicon. An attacker can potentially access network resources and sensitive information via a crafted GET request, thereby also making it possible to modify data and/or execute unauthorized...

7.5CVSS7AI score0.36171EPSS
Exploits1References5
nuclei
nuclei
•added 6 hours ago•92 views

WordPress Pie Register <3.8.2.3 - Open Redirect

WordPress Pie Register plugin before 3.8.2.3 contains an open redirect vulnerability. The plugin does not properly validate the redirection URL when logging in and login out. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute...

5.4CVSS6.5AI score0.24263EPSS
Exploits2References2
nuclei
nuclei
•added 6 hours ago•108 views

WordPress Japanized for WooCommerce <2.5.5 - Cross-Site Scripting

WordPress Japanized for WooCommerce plugin before 2.5.5 is susceptible to cross-site scripting via the tab parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This...

6.1CVSS6.7AI score0.01213EPSS
Exploits3References5
nuclei
nuclei
•added 6 hours ago•76 views

WordPress GN Publisher <1.5.6 - Cross-Site Scripting

WordPress GN Publisher plugin before 1.5.6 is susceptible to cross-site scripting via the tab parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow th...

6.1CVSS6.7AI score0.0126EPSS
Exploits3References5
nuclei
nuclei
•added 6 hours ago•72 views

WordPress Watu Quiz <3.3.9.1 - Cross-Site Scripting

WordPress Watu Quiz plugin before 3.3.9.1 is susceptible to cross-site scripting. The plugin does not sanitize and escape some parameters, such as email, dn, date, and points, before outputting then back in a page. An attacker can inject arbitrary script in the browser of an unsuspecting user in...

6.1CVSS6.3AI score0.01252EPSS
Exploits3References5
nuclei
nuclei
•added 6 hours ago•153 views

phpIPAM - 1.6 - Cross-Site Scripting

phpIPAM 1.6 contains a cross-site scripting vulnerability via the closeClass parameter at /subnet-masks/popup.php. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication...

6.1CVSS6.5AI score0.03904EPSS
Exploits3References2
nuclei
nuclei
•added 6 hours ago•39 views

Squidex <7.4.0 - Cross-Site Scripting

Squidex before 7.4.0 contains a cross-site scripting vulnerability via the squid.svg endpoint. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2023-24278 info: name: Squidex 7.4....

6.1CVSS6.4AI score0.02908EPSS
Exploits2References4
nuclei
nuclei
•added 6 hours ago•71 views

PMB v7.4.6 - Cross-Site Scripting

PMB v7.4.6 allows an attacker to perform a reflected XSS on exportz3950.php via the 'query' parameter. id: CVE-2023-24737 info: name: PMB v7.4.6 - Cross-Site Scripting author: r3Y3r53 severity: medium description: | PMB v7.4.6 allows an attacker to perform a reflected XSS on exportz3950.php via t...

6.1CVSS6.4AI score0.01169EPSS
Exploits1References3
nuclei
nuclei
•added 6 hours ago•93 views

PMB 7.4.6 - Open Redirect

PMB v7.4.6 contains an open redirect vulnerability via the component /opaccss/pmb.php. An attacker can redirect a user to an external domain via a crafted URL and thereby potentially obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2023-24735 info: name:...

6.1CVSS6.4AI score0.0108EPSS
Exploits1References3
nuclei
nuclei
•added 6 hours ago•121 views

MinIO Cluster Deployment - Information Disclosure

MinIO is susceptible to information disclosure. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including MINIOSECRETKEY and MINIOROOTPASSWORD. An attacker can potentially obtain sensitive...

7.5CVSS7.1AI score0.83957EPSS
Exploits13References5
nuclei
nuclei
•added 6 hours ago•92 views

WordPress Ultimate FAQ <1.8.30 - Cross-Site Scripting

WordPress Ultimate FAQ plugin before 1.8.30 is susceptible to cross-site scripting via DisplayFAQ to Shortcodes/DisplayFAQs.php. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based...

6.1CVSS6.4AI score0.02195EPSS
Exploits1References5
nuclei
nuclei
•added 6 hours ago•53 views

WordPress Tutor LMS <2.0.10 - Cross Site Scripting

WordPress Tutor LMS plugin before 2.0.10 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape the resetkey and userid parameters before outputting then back in attributes. An attacker can inject arbitrary script in the browser of an unsuspecting user in the conte...

6.1CVSS6.4AI score0.01347EPSS
Exploits2References3
nuclei
nuclei
•added 6 hours ago•75 views

Login with Phone Number - Cross-Site Scripting

Login with Phone Number, versions 1.4.2, is affected by an reflected XSS vulnerability in the login-with-phonenumber.php' file in the 'lwpforgotpassword' function. id: CVE-2023-23492 info: name: Login with Phone Number - Cross-Site Scripting author: r3Y3r53 severity: high description: | Login wit...

8.8CVSS7AI score0.57123EPSS
Exploits2References5
nuclei
nuclei
•added 6 hours ago•73 views

mojoPortal 2.7.0.0 - Cross-Site Scripting

mojoPortal 2.7.0.0 contains a cross-site scripting vulnerability in the FileDialog.aspx component, which can allow an attacker to execute arbitrary web scripts or HTML via a crafted payload injected into the ed and tbi parameters. id: CVE-2023-24322 info: name: mojoPortal 2.7.0.0 - Cross-Site...

6.1CVSS6.6AI score0.31714EPSS
Exploits1References5
nuclei
nuclei
•added 6 hours ago•61 views

Monstra CMS 3.0.4 - Cross-Site Scripting

Monstra CMS 3.0.4 contains a cross-site scripting vulnerability via the page feature in admin/index.php. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials...

5.4CVSS6.7AI score0.01885EPSS
Exploits1References3
nuclei
nuclei
•added 6 hours ago•200 views

Apache Airflow <1.10.14 - Authentication Bypass

Apache Airflow prior to 1.10.14 contains an authentication bypass vulnerability via incorrect session validation with default configuration. An attacker on site A can access unauthorized Airflow on site B through the site A session. id: CVE-2020-17526 info: name: Apache Airflow 1.10.14 -...

7.7CVSS6.9AI score0.23336EPSS
Exploits0References5
nuclei
nuclei
•added 6 hours ago•57 views

WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure

WAVLINK WN530H4 M30H4.V5030.190403 contains an information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint. This can allow an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authentication. id:...

7.5CVSS7AI score0.07401EPSS
Exploits0References5
nuclei
nuclei
•added 6 hours ago•72 views

WAVLINK - Access Control

Wavlink WN530HG4, WN531G3, WN533A8, and WN551K are susceptible to improper access control via /cgi-bin/ExportAllSettings.sh, where a crafted POST request returns the current configuration of the device, including the administrator password. No authentication is required. The attacker must perform...

7.5CVSS7AI score0.07759EPSS
Exploits0References5
nuclei
nuclei
•added 6 hours ago•67 views

74cms - ajax_street.php 'x' SQL Injection

SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajaxstreet.php. id: CVE-2020-22208 info: name: 74cms - ajaxstreet.php 'x' SQL Injection author: ritikchaddha severity: critical description: | SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajaxstreet.php. impact: | Successful...

9.8CVSS6.8AI score0.09743EPSS
Exploits1References3
nuclei
nuclei
•added 6 hours ago•103 views

Jenkins <=2.218 - Information Disclosure

Jenkins through 2.218, LTS 2.204.1 and earlier, is susceptible to information disclosure. An attacker can access exposed session identifiers on a user detail object in the whoAmI diagnostic page and thus potentially access sensitive information, modify data, and/or execute unauthorized operations...

5.4CVSS6.2AI score0.07044EPSS
Exploits0References5
nuclei
nuclei
•added 6 hours ago•33 views

Submitty <= 20.04.01 - Open Redirect

Submitty through 20.04.01 contains an open redirect vulnerability via authentication/login?old= during an invalid login attempt. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2020-13121...

6.1CVSS6.4AI score0.03518EPSS
Exploits1References3
nuclei
nuclei
•added 6 hours ago•87 views

AWStats < 6.95 - Open Redirect

An open redirect vulnerability in awredir.pl in AWStats 6.95 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. id: CVE-2009-5020 info: name: AWStats 6.95 - Open Redirect author: pdteam severity: medium description: An open...

5.8CVSS6.2AI score0.03488EPSS
Exploits0References3
nuclei
nuclei
•added 6 hours ago•57 views

Artica Pandora FMS <=7.42 - Arbitrary File Read

Artica Pandora FMS through 7.42 is susceptible to arbitrary file read. An attacker can read the chat history, which is in JSON format and contains user names, user IDs, private messages, and timestamps. This can potentially lead to unauthorized data modification and other operations. id:...

5.3CVSS6.3AI score0.05275EPSS
Exploits1References4
nuclei
nuclei
•added 6 hours ago•42 views

phpPgAdmin <=4.1.1 - Cross-Site Scripting

phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, is vulnerable to cross-site scripting and allows remote attackers to inject arbitrary web script or HTML via certain input available in PHPSELF in 1 redirect.php, possibly related to 2 login.php, which are different vectors than CVE-2007-2865. id:...

9.3CVSS6.2AI score0.14639EPSS
Exploits1References5
nuclei
nuclei
•added 6 hours ago•116 views

Gitlab CE/EE 13.4 - 13.6.2 - Information Disclosure

GitLab CE and EE 13.4 through 13.6.2 is susceptible to Information disclosure via GraphQL. User email is visible. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2020-26413 info:...

5.3CVSS6.3AI score0.33772EPSS
Exploits1References5
nuclei
nuclei
•added 6 hours ago•55 views

Joomla! RSfiles <=1.0.2 - Local File Inclusion

Joomla! RSfiles 1.0.2 and earlier is susceptible to local file inclusion in index.php in the RSfiles component comrsfiles. This could allow remote attackers to arbitrarily read files via a .. dot dot in the path parameter in a files.display action. id: CVE-2007-4504 info: name: Joomla! RSfiles...

5CVSS6.1AI score0.09491EPSS
Exploits0References4
nuclei
nuclei
•added 6 hours ago•54 views

Joomla! Cmimarketplace 0.1 - Local File Inclusion

Joomla! Cmimarketplace 0.1 is susceptible to local file inclusion because comcmimarketplace allows remote attackers to list arbitrary directories via a .. dot dot in the viewit parameter to index.php. id: CVE-2009-1496 info: name: Joomla! Cmimarketplace 0.1 - Local File Inclusion author: daffainf...

5CVSS6.2AI score0.07183EPSS
Exploits1References3
nuclei
nuclei
•added 6 hours ago•45 views

Joomla! Roland Breedveld Album 1.14 - Local File Inclusion

Joomla! Roland Breedveld Album 1.14 comalbum is susceptible to local file inclusion because it allows remote attackers to access arbitrary directories and have unspecified other impact via a .. dot dot in the target parameter to index.php. id: CVE-2009-3318 info: name: Joomla! Roland Breedveld...

7.5CVSS6.2AI score0.06455EPSS
Exploits1References4
nuclei
nuclei
•added 6 hours ago•55 views

Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion

Joomla! Omilen Photo Gallery comomphotogallery component Beta 0.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php. id: CVE-2009-4202 info: name: Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion...

7.5CVSS6.3AI score0.08109EPSS
Exploits1References5
nuclei
nuclei
•added 6 hours ago•68 views

PRTG Network Monitor <20.1.57.1745 - Information Disclosure

PRTG Network Monitor before 20.1.57.1745 is susceptible to information disclosure. An attacker can obtain information about probes running or the server itself via an HTTP request, thus potentially being able to modify data and/or execute unauthorized administrative operations in the context of t...

5.3CVSS6.3AI score0.52059EPSS
Exploits0References5
nuclei
nuclei
•added 6 hours ago•27 views

WebGlimpse 2.18.7 - Directory Traversal

A directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbitrary files via a .. dot dot in the DOC parameter. id: CVE-2009-5114 info: name: WebGlimpse 2.18.7 - Directory Traversal author: daffainfo severity: medium description: A...

5CVSS6.2AI score0.13653EPSS
Exploits1References5
nuclei
nuclei
•added 6 hours ago•75 views

Cacti v1.2.8 - Remote Code Execution

Cacti v1.2.8 is susceptible to remote code execution. This vulnerability could be exploited without authentication if "Guest Realtime Graphs" privileges are enabled. id: CVE-2020-8813 info: name: Cacti v1.2.8 - Remote Code Execution author: gy741 severity: high description: Cacti v1.2.8 is...

9.3CVSS6.9AI score0.73779EPSS
Exploits24References5
nuclei
nuclei
•added 6 hours ago•72 views

Adobe Coldfusion <=8.0.1 - Cross-Site Scripting

Adobe ColdFusion Server 8.0.1 and earlier contain multiple cross-site scripting vulnerabilities which allow remote attackers to inject arbitrary web script or HTML via 1 the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to 2 wizards/common/logintowizard.cfm, 3...

4.3CVSS6.2AI score0.1614EPSS
Exploits2References5
nuclei
nuclei
•added 6 hours ago•66 views

Cisco Linksys WVC54GCA 1.00R22/1.00R24 - Local File Inclusion

Cisco Linksys WVC54GCA 1.00R22/1.00R24 is susceptible to local file inclusion in adm/file.cgi because it allows remote attackers to read arbitrary files via a %2e. encoded dot dot or an absolute pathname in the nextfile parameter. id: CVE-2009-1558 info: name: Cisco Linksys WVC54GCA 1.00R22/1.00R...

7.8CVSS6.2AI score0.28806EPSS
Exploits1References5
nuclei
nuclei
•added 6 hours ago•44 views

Jira Rainbow.Zen - Cross-Site Scripting

Jira Rainbow.Zen contains a cross-site scripting vulnerability via Jira/secure/BrowseProject.jspa which allows remote attackers to inject arbitrary web script or HTML via the id parameter. id: CVE-2007-0885 info: name: Jira Rainbow.Zen - Cross-Site Scripting author: geeknik severity: medium...

6.8CVSS6.2AI score0.05472EPSS
Exploits0References3
nuclei
nuclei
•added 6 hours ago•76 views

CSE Bookstore 1.0 - SQL Injection

CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind and OR error-based SQL injection in pubid parameter in bookPerPub.php. A successful exploitation of this vulnerability will lead to an attacker dumping the entire database. id: CVE-2020-36112 info: name: CSE Bookstor...

9.8CVSS7AI score0.15515EPSS
Exploits1References5
nuclei
nuclei
•added 6 hours ago•87 views

EpiServer Find <13.2.7 - Open Redirect

EpiServer Find before 13.2.7 contains an open redirect vulnerability via the tredirect parameter in a crafted URL, such as a /findv2/click URL. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id:...

6.1CVSS6.4AI score0.04719EPSS
Exploits1References5
Total number of security vulnerabilities4146