Lucene search
K
NucleiRecent

4145 matches found

Nuclei
Nuclei
•added 2 days ago•97 views

Magento Mass Importer <0.7.24 - Remote Auth Bypass

Magento Mass Importer aka MAGMI versions prior to 0.7.24 are vulnerable to a remote authentication bypass due to allowing default credentials in the event there is a database connection failure. id: CVE-2020-5777 info: name: Magento Mass Importer 0.7.24 - Remote Auth Bypass author: dwisiswant0...

9.8CVSS7.1AI score0.23897EPSS
Exploits0References5
Nuclei
Nuclei
•added 2 days ago•68 views

Cisco Small Business RV Series - OS Command Injection

Cisco Small Business RV Series routers RV16X/RV26X versions 1.0.01.02 and before and RV34X versions 1.0.03.20 and before contain multiple OS command injection vulnerabilities in the web-based management interface. A remote attacker can execute arbitrary OS commands via the sessionid cookie or...

9.8CVSS6.9AI score0.72472EPSS
Exploits8References5
Nuclei
Nuclei
•added 2 days ago•102 views

WordPress File Upload Plugin < 4.24.8 - Cross-Site Scripting

The WordPress File Upload plugin before version 4.24.8 contains a reflected cross-site scripting vulnerability. The plugin does not properly sanitize and escape the 'dir' parameter in the file browser page before outputting it back, which could allow attackers to execute arbitrary JavaScript code...

6.1CVSS6.3AI score0.15012EPSS
Exploits2References2
Nuclei
Nuclei
•added 2 days ago•14 views

Citrix StoreFront Server - XML External Entity

Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 3.12.4000, and 7.6 LTSR before CU8 3.0.8000 allows XXE attacks. id: CVE-2019-13608 info: name: Citrix StoreFront Server - XML External Entity author: daffainfo severity: high description: | Citrix StoreFront Server before 1903, 7.15 LTSR...

7.5CVSS7AI score0.30041EPSS
Exploits0References3
Nuclei
Nuclei
•added 2 days ago•21 views

NUUO Camera <=20250203 - OS Command Injection

NUUO Camera up to 20250203 contains a command injection caused by manipulation of the 'log' argument in /handleconfig.php, letting remote attackers execute arbitrary commands, exploit requires remote access. id: CVE-2025-1338 info: name: NUUO Camera =20250203 - OS Command Injection author: Ark...

7.5CVSS7.2AI score0.51091EPSS
Exploits1References3
Nuclei
Nuclei
•added 2 days ago•65 views

Navigate CMS 2.9.4 - Server-Side Request Forgery

Navigate CMS 2.9.4 is susceptible to server-side request forgery via feedparser class. This can allow a remote attacker to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter, thus enabling possible theft of sensitive information, data...

4.9CVSS6.2AI score0.22903EPSS
Exploits6References5
Nuclei
Nuclei
•added 2 days ago•669 views

Thinkphp Lang - Local File Inclusion

ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled langswitchon=true. An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php. id:...

9.8CVSS7.1AI score0.16378EPSS
Exploits2References5
Nuclei
Nuclei
•added 2 days ago•109 views

Copyparty <= 1.8.2 - Directory Traversal

Copyparty is a portable file server. Versions prior to 1.8.2 are subject to a path traversal vulnerability detected in the .cpr subfolder. The Path Traversal attack technique allows an attacker access to files, directories, and commands that reside outside the web document root directory. This...

7.5CVSS6.9AI score0.4492EPSS
Exploits4References5
Nuclei
Nuclei
•added 2 days ago•568 views

elFinder <= 2.1.47 - Command Injection

elFinder before 2.1.48 has a command injection vulnerability in the PHP connector. The vulnerability occurs when performing image operations on JPEG files, where the filename is passed to the exiftran utility without proper sanitization, allowing command injection. id: CVE-2019-9194 info: name:...

9.8CVSS7AI score0.96633EPSS
Exploits11References5
Nuclei
Nuclei
•added 2 days ago•64 views

NagiosXI <= 5.4.12 menuaccess.php - SQL injection

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/menuaccess.php chbKey1 parameter. id: CVE-2018-10738 info: name: NagiosXI = 5.4.12 menuaccess.php - SQL injection author: DhiyaneshDk severity: high description: | A SQL injection issue was discovered in Nagios XI befor...

7.2CVSS7AI score0.42556EPSS
Exploits2References2
Nuclei
Nuclei
•added 2 days ago•50 views

Bitrix Site Manager - Remote Code Execution

In the vote aka "Polls, Votes" module before 21.0.100 of Bitrix Site Manager, a remote unauthenticated attacker can execute arbitrary code. id: CVE-2022-27228 info: name: Bitrix Site Manager - Remote Code Execution author: theamanrawat severity: critical description: In the vote aka "Polls, Votes...

10CVSS7.2AI score0.20318EPSS
Exploits1References3
Nuclei
Nuclei
•added 2 days ago•66 views

Apache Pinot < 1.3.0 - Authentication Bypass

This vulnerability allows remote attackers to bypass authentication on affected installations of Apache Pinot. Authentication is not required to exploit this vulnerability.The specific flaw exists within the AuthenticationFilter class. The issue results from insufficient neutralization of special...

9.8CVSS7.2AI score0.78668EPSS
Exploits0References4
Nuclei
Nuclei
•added 2 days ago•90 views

Aptana Jaxer 1.0.3.4547 - Local File inclusion

Aptana Jaxer 1.0.3.4547 is vulnerable to local file inclusion in the wikilite source code viewer. An attacker can read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI. id: CVE-2019-14312 info: name: Aptana Jaxer 1.0.3.4547 - Local File inclusion author: daffainfo...

6.5CVSS6.7AI score0.20586EPSS
Exploits5References5
Nuclei
Nuclei
•added 2 days ago•123 views

Simple Task Managing System v1.0 - SQL Injection

SQL injection occurs when a web application doesn't properly validate or sanitize user input that is used in SQL queries. Attackers can exploit this by injecting malicious SQL code into the input fields of a web application, tricking the application into executing unintended database queries. id:...

9.8CVSS7.1AI score0.20693EPSS
Exploits5References5
Nuclei
Nuclei
•added 2 days ago•37 views

Visualizer <3.3.1 - Blind Server-Side Request Forgery

Visualizer prior to 3.3.1 suffers from a blind server-side request forgery vulnerability via the /wp-json/visualizer/v1/upload-data endpoint. id: CVE-2019-16932 info: name: Visualizer 3.3.1 - Blind Server-Side Request Forgery author: akincibor severity: critical description: | Visualizer prior to...

10CVSS7AI score0.39137EPSS
Exploits2References5
Nuclei
Nuclei
•added 2 days ago•181 views

Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Upload

TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats. id: CVE-2021-45428 info: name: Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Upload author: gy741 severity: critical descriptio...

9.8CVSS7.1AI score0.56931EPSS
Exploits5References5
Nuclei
Nuclei
•added 2 days ago•96 views

WordPress Core <6.5.2 - Cross-Site Scripting

WordPress Core is vulnerable to Stored Cross-Site Scripting via user display names in the Avatar block in various versions up to 6.5.2 due to insufficient output escaping on the display name. id: CVE-2024-4439 info: name: WordPress Core 6.5.2 - Cross-Site Scripting author: nqdung2002 severity: hi...

7.2CVSS6.9AI score0.70822EPSS
Exploits4References2
Nuclei
Nuclei
•added 2 days ago•100 views

Calibre <= 7.15.0 - Reflected Cross-Site Scripting (XSS)

It is possible to inject arbitrary JavaScript code into the /browse endpoint of the Calibre content server, allowing an attacker to craft a URL that when clicked by a victim, will execute the attacker’s JavaScript code in the context of the victim’s browser. If the Calibre server is running with...

6.1CVSS6.3AI score0.25607EPSS
Exploits1References1
Nuclei
Nuclei
•added 2 days ago•52 views

ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure

ADB formerly Pirelli Broadband Solutions P.DGA4001N router with firmware PDGTEFSP4.06L.6 does not properly restrict access to the web interface, which allows remote attackers to obtain sensitive information or cause a denial of service device restart as demonstrated by a direct request to 1...

9.4CVSS6.1AI score0.39797EPSS
Exploits6References5
Nuclei
Nuclei
•added 2 days ago•119 views

pfSense pfBlockerNG <=2.1..4_26 - OS Command Injection

pfSense pfBlockerNG through 2.1.426 is susceptible to OS command injection via root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected. id: CVE-2022-31814 info: name: pfSense pfBlockerNG =2.1..427 to mitigate this vulnerability. reference: -...

9.8CVSS7AI score0.87247EPSS
Exploits14References5
Nuclei
Nuclei
•added 2 days ago•84 views

Cisco Small Business WAN VPN Routers - Sensitive Information Disclosure

Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated remote attacker to retrieve sensitive information due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and...

7.5CVSS6.8AI score0.99876EPSS
Exploits19References5
Nuclei
Nuclei
•added 2 days ago•65 views

Apache Struts <2.3.1.1 - Remote Code Execution

Apache Struts before 2.3.1.1 is susceptible to remote code execution. When developer mode is used in the DebuggingInterceptor component, a remote attacker can execute arbitrary OGNL commands via unspecified vectors, which can allow for execution of malware, obtaining sensitive information,...

6.8CVSS7.4AI score0.74405EPSS
Exploits9References5
Nuclei
Nuclei
•added 2 days ago•46 views

Kodi 17.1 - Local File Inclusion

Kodi 17.1 is vulnerable to local file inclusion vulnerabilities because of insufficient validation of user input. id: CVE-2017-5982 info: name: Kodi 17.1 - Local File Inclusion author: 0xAkoko severity: high description: | Kodi 17.1 is vulnerable to local file inclusion vulnerabilities because of...

7.5CVSS6.9AI score0.7763EPSS
Exploits5References5
Nuclei
Nuclei
•added 2 days ago•72 views

Adobe Coldfusion <=8.0.1 - Cross-Site Scripting

Adobe ColdFusion Server 8.0.1 and earlier contain multiple cross-site scripting vulnerabilities which allow remote attackers to inject arbitrary web script or HTML via 1 the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to 2 wizards/common/logintowizard.cfm, 3...

4.3CVSS6.2AI score0.1614EPSS
Exploits2References5
Nuclei
Nuclei
•added 2 days ago•32 views

XiongMai uc-httpd 1.0.0 - Buffer Overflow

Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and attack vectors, a different vulnerability than CVE-2017-16725. id: CVE-2018-10088 info: name: XiongMai uc-httpd 1.0.0 - Buffer Overflow author: 0xAkoko severity: critical description: | Buffer overflow in XiongMai uc-httpd 1.0....

10CVSS7.1AI score0.40386EPSS
Exploits8References4
Nuclei
Nuclei
•added 2 days ago•31 views

GiveWP Donation Plugin <= 3.16.1 - Unauthenticated PHP Object Injection

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1. This is due to insufficient input validation on user-supplied data. An unauthenticated attacker can inject a serialized PHP object, which...

10CVSS7.3AI score0.28931EPSS
Exploits3References4
Nuclei
Nuclei
•added 2 days ago•37 views

Hunk Companion <= 1.8.4 - Arbitrary Plugin Installation

The Hunk Companion plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the /wp-json/hc/v1/themehunk-import REST API endpoint in all versions up to, and including, 1.8.4. This makes it possible for unauthenticated attackers to...

9.8CVSS7.6AI score0.09137EPSS
Exploits2References5
Nuclei
Nuclei
•added 2 days ago•574 views

Javafaces LFI

An Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0, and 12.1.2.0.0; and the Oracle WebLogic Server component in Oracle Fusion Middleware...

5CVSS6.1AI score0.32441EPSS
Exploits0References5
Nuclei
Nuclei
•added 2 days ago•53 views

MLflow < 2.11.3 - Path Traversal

MLflow versions prior to 2.11.3 are vulnerable to a Path Traversal attack due to improper URI fragment parsing. This vulnerability allows attackers to read arbitrary files on the server, potentially exposing sensitive information. id: CVE-2024-2928 info: name: MLflow 2.11.3 - Path Traversal autho...

7.5CVSS7AI score0.21847EPSS
Exploits2References2
Nuclei
Nuclei
•added 2 days ago•90 views

XStream 1.4.18 - Arbitrary Code Execution

XStream 1.4.18 is susceptible to remote code execution. An attacker can execute commands of the host by manipulating the processed input stream, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the...

8.5CVSS7AI score0.143EPSS
Exploits0References5
Nuclei
Nuclei
•added 2 days ago•19 views

ImpressCMS < 1.4.3 - SQL Injection

ImpressCMS before 1.4.3 is vulnerable to SQL injection via the groups parameter in include/findusers.php, allowing unauthenticated attackers to execute arbitrary SQL queries. id: CVE-2021-26599 info: name: ImpressCMS 1.4.3 - SQL Injection author: ritikchaddha severity: high description: |...

9.8CVSS7.2AI score0.21509EPSS
Exploits6References3
Nuclei
Nuclei
•added 2 days ago•110 views

WordPress RegistrationMagic <5.0.1.6 - Authenticated SQL Injection

WordPress RegistrationMagic plugin before 5.0.1.6 contains an authenticated SQL injection vulnerability. The plugin does not escape user input in its rmchronosajax AJAX action before using it in a SQL statement when duplicating tasks in batches. An attacker can possibly obtain sensitive...

7.2CVSS7.1AI score0.73293EPSS
Exploits6References5
Nuclei
Nuclei
•added 2 days ago•60 views

ECOA Building Automation System - Arbitrary File Retrieval

The ECOA BAS controller suffers from an arbitrary file disclosure vulnerability. Using the 'fname' POST parameter in viewlog.jsp, attackers can disclose arbitrary files on the affected device and disclose sensitive and system information. id: CVE-2021-41293 info: name: ECOA Building Automation...

7.5CVSS7AI score0.20084EPSS
Exploits1References5
Nuclei
Nuclei
•added 2 days ago•53 views

Auerswald COMpact 5500R 7.8A and 8.0B Devices Backdoor

Auerswald COMpact 5500R 7.8A and 8.0B devices contain an unauthenticated endpoint "https://192.168.1.2/aboutstate", enabling the bad actor to gain backdoor access to a web interface that allows for resetting the administrator password. id: CVE-2021-40859 info: name: Auerswald COMpact 5500R 7.8A a...

10CVSS7.1AI score0.71979EPSS
Exploits6References4
Nuclei
Nuclei
•added 2 days ago•51 views

Rosario Student Information System Unauthenticated SQL Injection

An unauthenticated SQL injection vulnerability in Rosario Student Information System aka rosariosis 8.1 and below allow remote attackers to execute PostgreSQL statements e.g., SELECT, INSERT, UPDATE, and DELETE through /Side.php via the syear parameter. id: CVE-2021-44427 info: name: Rosario...

9.8CVSS7.2AI score0.50641EPSS
Exploits1References5
Nuclei
Nuclei
•added 2 days ago•57 views

WordPress Modern Events Calendar Lite <5.16.5 - Authenticated Arbitrary File Upload

WordPress Modern Events Calendar Lite plugin before 5.16.5 is susceptible to authenticated arbitrary file upload. The plugin does not properly check the imported file, allowing PHP files to be uploaded and/or executed by an administrator or other high-privilege user using the text/csv content-typ...

7.2CVSS7.2AI score0.88158EPSS
Exploits9References5
Nuclei
Nuclei
•added 2 days ago•45 views

Nagios XI < 5.8.6 - Cross-Site Scripting

In Nagios XI before 5.8.6, XSS exists in the dashboard page /dashboards/ when administrative users attempt to edit a dashboard. id: CVE-2021-38156 info: name: Nagios XI 5.8.6 - Cross-Site Scripting author: ritikchaddha severity: medium description: | In Nagios XI before 5.8.6, XSS exists in the...

5.4CVSS6.2AI score0.88939EPSS
Exploits1References2
Nuclei
Nuclei
•added 2 days ago•128 views

WordPress Workreap - Remote Code Execution

WordPress Workreap theme is susceptible to remote code execution. The AJAX actions workreapawardtempfileuploader and workreaptempfileuploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to th...

9.8CVSS7.3AI score0.60113EPSS
Exploits9References5
Nuclei
Nuclei
•added 2 days ago•36 views

WordPress True Ranker <2.2.4 - Local File Inclusion

WordPress True Ranker before version 2.2.4 allows sensitive configuration files such as wp-config.php, to be accessed via the src parameter found in the /admin/vendor/datatables/examples/resources/examples.php file via local file inclusion. id: CVE-2021-39312 info: name: WordPress True Ranker 2.2...

7.5CVSS6.9AI score0.77944EPSS
Exploits5References5
Nuclei
Nuclei
•added 2 days ago•110 views

Advantech R-SeeNet 2.4.12 - Cross-Site Scripting

Advantech R-SeeNet 2.4.12 contains a reflected cross-site scripting vulnerability in the sshform.php script functionality. id: CVE-2021-21800 info: name: Advantech R-SeeNet 2.4.12 - Cross-Site Scripting author: arafatansari severity: medium description: | Advantech R-SeeNet 2.4.12 contains a...

9.6CVSS6.7AI score0.14115EPSS
Exploits1References5
Nuclei
Nuclei
•added 2 days ago•188 views

Gurock TestRail Application files.md5 Exposure

Improper access control in Gurock TestRail versions 7.2.0.3014 resulted in sensitive information exposure. A threat actor can access the /files.md5 file on the client side of a Gurock TestRail application, disclosing a full list of application files and the corresponding file paths which can then...

7.5CVSS6.9AI score0.48417EPSS
Exploits4References5
Nuclei
Nuclei
•added 2 days ago•41 views

SquirrelMail 1.4.x - Folder Name Cross-Site Scripting

Multiple cross-site scripting XSS vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php. id: CVE-2004-0519 info: name: SquirrelMail 1.4.x -...

6.8CVSS6.3AI score0.22528EPSS
Exploits1References5
Nuclei
Nuclei
•added 2 days ago•62 views

WordPress Plugin All-in-One Event Calendar 1.4 - Cross-Site Scripting

Multiple cross-site scripting vulnerabilities in the All-in-One Event Calendar plugin 1.4 and 1.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 title parameter to app/view/agenda-widget-form.php; 2 args, 3 title, 4 beforetitle, or 5 aftertitle parameter to...

4.3CVSS6.2AI score0.08946EPSS
Exploits2References3
Nuclei
Nuclei
•added 2 days ago•66 views

elFinder < 2.1.58 - Remote Code Execution

studio-42/elfinder before 2.1.58 contains a remote code execution caused by execution of PHP code in a .phar file, letting attackers execute arbitrary PHP code if the server parses .phar files as PHP, exploit requires server to parse .phar files as PHP. id: CVE-2021-23394 info: name: elFinder...

9.8CVSS7.5AI score0.19083EPSS
Exploits1References4
Nuclei
Nuclei
•added 2 days ago•29 views

Open Bulletin Board (OpenBB) v1.0.6 - Open Redirect/XSS

Multiple cross-site scripting XSS vulnerabilities in Open Bulletin Board OpenBB 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 redirect parameter to member.php, 2 to parameter to myhome.php 3 TID parameter to post.php, or 4 redirect parameter to...

4.3CVSS6.2AI score0.08442EPSS
Exploits3References5
Nuclei
Nuclei
•added 2 days ago•56 views

WordPress Supsystic Contact Form <1.7.15 - Cross-Site Scripting

WordPress Supsystic Contact Form plugin before 1.7.15 contains a cross-site scripting vulnerability. It does not sanitize the tab parameter of its options page before outputting it in an attribute. id: CVE-2021-24276 info: name: WordPress Supsystic Contact Form 1.7.15 - Cross-Site Scripting autho...

6.1CVSS6.3AI score0.16044EPSS
Exploits5References5
Nuclei
Nuclei
•added 2 days ago•76 views

3DPrint Lite < 1.9.1.5 - Arbitrary File Upload

The plugin does not have any authorisation and does not check the uploaded file in its p3dlitehandleupload AJAX action , allowing unauthenticated users to upload arbitrary file to the web server. However, there is a .htaccess, preventing the file to be accessed on Web servers such as Apache. id:...

9.8CVSS7.2AI score0.06646EPSS
Exploits2References3
Nuclei
Nuclei
•added 2 days ago•108 views

MinIO Browser API - Server-Side Request Forgery

MinIO Browser API before version RELEASE.2021-01-30T00-20-58Z contains a server-side request forgery vulnerability. id: CVE-2021-21287 info: name: MinIO Browser API - Server-Side Request Forgery author: pikpikcu severity: high description: MinIO Browser API before version...

7.7CVSS7AI score0.24784EPSS
Exploits0References5
Nuclei
Nuclei
•added 2 days ago•48 views

TermTalk Server 3.24.0.2 - Local File Inclusion

TermTalk Server TTServer 3.24.0.2 is vulnerable to file inclusion which allows unauthenticated malicious user to gain access to the files on the remote system by providing the relative path of the file they want to retrieve. id: CVE-2021-35380 info: name: TermTalk Server 3.24.0.2 - Local File...

7.5CVSS7AI score0.38954EPSS
Exploits1References5
Nuclei
Nuclei
•added 2 days ago•90 views

WordPress WPCargo Track & Trace <6.9.0 - Remote Code Execution

WordPress WPCargo Track & Trace plugin before 6.9.0 is susceptible to remote code execution, The plugin contains a file which can allow an attacker to write a PHP file anywhere on the web server, leading to possible remote code execution. This can allow an attacker to execute malware, obtain...

9.8CVSS7.3AI score0.56148EPSS
Exploits3References5
Total number of security vulnerabilities4145