Lucene search
K
NucleiRecent

4145 matches found

Nuclei
Nuclei
•added yesterday•64 views

Apache Flink 1.5.1 - Local File Inclusion

Apache Flink 1.5.1 is vulnerable to local file inclusion because of a REST handler that allows file uploads to an arbitrary location on the local file system through a maliciously modified HTTP HEADER. id: CVE-2020-17518 info: name: Apache Flink 1.5.1 - Local File Inclusion author: pdteam severit...

7.5CVSS7.1AI score0.50038EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•71 views

Adobe Coldfusion <=8.0.1 - Cross-Site Scripting

Adobe ColdFusion Server 8.0.1 and earlier contain multiple cross-site scripting vulnerabilities which allow remote attackers to inject arbitrary web script or HTML via 1 the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to 2 wizards/common/logintowizard.cfm, 3...

4.3CVSS6.2AI score0.1614EPSS
Exploits2References5
Nuclei
Nuclei
•added yesterday•49 views

XWiki < 4.10.15 - Email Disclosure

The Solr-based search in XWiki discloses the email addresses of users even when obfuscation of email addresses is enabled. To demonstrate the vulnerability, search for objcontent:email using XWiki's regular search interface. id: CVE-2023-50720 info: name: XWiki 4.10.15 - Email Disclosure author:...

5.3CVSS6.2AI score0.59119EPSS
Exploits0References2
Nuclei
Nuclei
•added yesterday•129 views

WordPress My Calendar <3.4.22 - SQL Injection

WordPress My Calendar plugin versions before 3.4.22 are vulnerable to an unauthenticated SQL injection within the 'from' and 'to' parameters of the '/my-calendar/v1/events' REST route. id: CVE-2023-6360 info: name: WordPress My Calendar 3.4.22 - SQL Injection author: xxcdd severity: critical...

9.8CVSS7.1AI score0.63141EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•32 views

TurboMeeting - Post-Authentication Command Injection

The Certificate Signing Request CSR feature in the admin portal of the application is vulnerable to command injection. This vulnerability could allow authenticated admin users to execute arbitrary commands on the underlying server by injecting malicious input into the CSR generation process. The...

7.2CVSS6.3AI score0.03216EPSS
Exploits1References2
Nuclei
Nuclei
•added yesterday•293 views

Splunk Enterprise - Local File Inclusion

In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on the /modules/messaging/ endpoint in Splunk Enterprise on Windows. This vulnerability should only affect Splunk Enterprise on Windows. id: CVE-2024-36991 info: name: Splunk...

7.5CVSS7AI score0.1311EPSS
Exploits10References3
Nuclei
Nuclei
•added yesterday•95 views

VICIdial - SQL Injection

An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial to enumerate database records. By default, VICIdial stores plaintext credentials within the database. id: CVE-2024-8503 info: name: VICIdial - SQL Injection author: s4e-io severity: critical description:...

9.8CVSS7AI score0.80023EPSS
Exploits12References3
Nuclei
Nuclei
•added yesterday•596 views

WordPress Automatic Plugin <3.92.1 - Arbitrary File Download and SSRF

WordPress Automatic plugin 3.92.1 is vulnerable to unauthenticated Arbitrary File Download and SSRF Located in the downloader.php file, could permit attackers to download any file from a site. Sensitive data, including login credentials and backup files, could fall into the wrong hands. This...

9.9CVSS7AI score0.93971EPSS
Exploits18References3
Nuclei
Nuclei
•added yesterday•236 views

Calibre <= 7.14.0 Remote Code Execution

Unauthenticated remote code execution via Calibre’s content server in Calibre = 7.14.0. id: CVE-2024-6782 info: name: Calibre = 7.14.0 Remote Code Execution author: DhiyaneshDK severity: critical description: | Unauthenticated remote code execution via Calibre’s content server in Calibre = 7.14.0...

9.8CVSS7.4AI score0.83393EPSS
Exploits8References1
Nuclei
Nuclei
•added yesterday•112 views

Linksys RE7000 - Command Injection

Linksys RE7000 v2.0.9, v2.0.11, and v2.0.15 have a command execution vulnerability in the "AccessControlList" parameter of the access control function point id: CVE-2024-25852 info: name: Linksys RE7000 - Command Injection author: s4e-io severity: high description: | Linksys RE7000 v2.0.9, v2.0.1...

8.8CVSS7.1AI score0.16519EPSS
Exploits1References3
Nuclei
Nuclei
•added yesterday•53 views

Calibre <= 7.14.0 Arbitrary File Read

Arbitrary file read via Calibre’s content server in Calibre = 7.14.0. id: CVE-2024-6781 info: name: Calibre = 7.14.0 Arbitrary File Read author: DhiyaneshDK severity: high description: | Arbitrary file read via Calibre’s content server in Calibre = 7.14.0. impact: | Attackers can exploit the...

7.5CVSS7AI score0.62696EPSS
Exploits0References1
Nuclei
Nuclei
•added yesterday•18 views

ArForms < 6.6 - Remote Code Execution

The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a form id: CVE-2024-4620 info: name: ArForms 6.6 - Remote Code Execution autho...

9.8CVSS6.1AI score0.03345EPSS
Exploits2References1
Nuclei
Nuclei
•added yesterday•82 views

Kemp LoadMaster Load Balancer - Unauthenticated Command Injection

Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection.This issue affects: LoadMaster: 7.2.40.0 and above. ECS: All versions.Multi-Tenancy: 7.1.35.4 and above. id: CVE-2024-7591 info: name: Kemp LoadMaster Load Balancer - Unauthenticated Command Injection autho...

10CVSS7.1AI score0.44069EPSS
Exploits1References4
Nuclei
Nuclei
•added yesterday•52 views

MLflow < 2.11.3 - Path Traversal

MLflow versions prior to 2.11.3 are vulnerable to a Path Traversal attack due to improper URI fragment parsing. This vulnerability allows attackers to read arbitrary files on the server, potentially exposing sensitive information. id: CVE-2024-2928 info: name: MLflow 2.11.3 - Path Traversal autho...

7.5CVSS7AI score0.21847EPSS
Exploits2References2
Nuclei
Nuclei
•added yesterday•71 views

Node.js <8.6.0 - Directory Traversal

Node.js before 8.6.0 allows remote attackers to access unintended files because a change to ".." handling is incompatible with the pathname validation used by unspecified community modules. id: CVE-2017-14849 info: name: Node.js 8.6.0 - Directory Traversal author: RandomRobbie severity: high...

7.5CVSS7AI score0.54389EPSS
Exploits2References5
Nuclei
Nuclei
•added yesterday•57 views

Trixbox 2.8.0 - Path Traversal

Trixbox 2.8.0.4 is susceptible to path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /maint/modules/home/index.php. id: CVE-2017-14537 info: name: Trixbox 2.8.0 - Path Traversal author: pikpikcu severity: medium description: Trixbox 2.8.0.4 is...

6.5CVSS6.6AI score0.39486EPSS
Exploits4References4
Nuclei
Nuclei
•added yesterday•31 views

Kaseya VSA 2017 ConnectWise ManagedITSync - Remote Code Execution

ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database. If the ManagedIT.asmx page is available via the Kaseya VSA web interface, anyone with access to the page is able to run...

9.8CVSS7.2AI score0.86706EPSS
Exploits1References2
Nuclei
Nuclei
•added yesterday•38 views

Trixbox - 2.8.0.4 OS Command Injection

Trixbox 2.8.0.4 is vulnerable to OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php. id: CVE-2017-14535 info: name: Trixbox - 2.8.0.4 OS Command Injection author: pikpikcu severity: high description: Trixbox 2.8.0.4 is vulnerable to OS command...

9CVSS7AI score0.50069EPSS
Exploits4References5
Nuclei
Nuclei
•added yesterday•88 views

Cherokee HTTPD <=0.5 - Cross-Site Scripting

Cherokee HTTPD 0.5 and earlier contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via a malformed request that generates an HTTP 400 error, which is not properly handled when the error message is generated. id: CVE-2006-1681 info:...

4.3CVSS6.2AI score0.06643EPSS
Exploits1References4
Nuclei
Nuclei
•added yesterday•107 views

D-Link - Unauthenticated Remote Code Execution

OS command injection vulnerability in soap.cgi soapcgimain in cgibin in D-Link DIR-880L DIR-880LREVAFIRMWAREPATCH1.08B04 and previous versions, DIR-868L DIR868LA1FW112b04 and previous versions, DIR-65L DIR-865LREVAFIRMWAREPATCH1.08.B01 and previous versions, and DIR-860L DIR860LA1FW110b04 and...

10CVSS7.4AI score0.96682EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•36 views

PHP Proxy 3.0.3 - Local File Inclusion

PHP Proxy 3.0.3 is susceptible to local file inclusion vulnerabilities that allow unauthenticated users to read files from the server via index.php?q=file:/// a different vulnerability than CVE-2018-19246. id: CVE-2018-19458 info: name: PHP Proxy 3.0.3 - Local File Inclusion author: daffainfo...

7.5CVSS7AI score0.32885EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•38 views

Schools Alert Management Script - Arbitrary File Read

Schools Alert Management Script is susceptible to an arbitrary file read vulnerability via the f parameter in img.php, aka absolute path traversal. id: CVE-2018-12054 info: name: Schools Alert Management Script - Arbitrary File Read author: wisnupramoedya severity: high description: Schools Alert...

7.5CVSS7AI score0.39391EPSS
Exploits4References5
Nuclei
Nuclei
•added yesterday•50 views

Loytec LGATE-902 <6.4.2 - Local File Inclusion

Loytec LGATE-902 versions prior to 6.4.2 suffers from a local file inclusion vulnerability. id: CVE-2018-14916 info: name: Loytec LGATE-902 6.4.2 - Local File Inclusion author: 0xAkoko severity: critical description: Loytec LGATE-902 versions prior to 6.4.2 suffers from a local file inclusion...

9.4CVSS7AI score0.17195EPSS
Exploits3References5
Nuclei
Nuclei
•added yesterday•27 views

Joomla! Component Address Book 1.5.0 - Local File Inclusion

A directory traversal vulnerability in the AddressBook comaddressbook component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1471 info: name: Joomla! Component Address Book 1.5.0 - Local File Inclusion...

7.5CVSS6.2AI score0.16152EPSS
Exploits2References4
Nuclei
Nuclei
•added yesterday•23 views

Joomla! Component User Status - Local File Inclusion

A directory traversal vulnerability in userstatus.php in the User Status comuserstatus component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1304 info: name: Joomla! Component User Status - Local File...

5CVSS6.2AI score0.14041EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•63 views

Joomla! Component NoticeBoard 1.3 - Local File Inclusion

A directory traversal vulnerability in the Code-Garage NoticeBoard comnoticeboard component 1.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1658 info: name: Joomla!...

5CVSS6.2AI score0.16014EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•66 views

LG SuperSign EZ CMS 2.5 - Local File Inclusion

LG SuperSign CMS 2.5 allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs - aka local file inclusion. id: CVE-2018-16288 info: name: LG SuperSign EZ CMS 2.5 - Local File Inclusion author: daffainfo severity: high description: | LG SuperSign CMS 2.5 allows reading of...

8.6CVSS7.1AI score0.35828EPSS
Exploits5References5
Nuclei
Nuclei
•added yesterday•67 views

Joomla! Component Zh BaiduMap 3.0.0.1 - SQL Injection

SQL Injection exists in the Zh BaiduMap 3.0.0.1 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request. id: CVE-2018-6605 info: name: Joomla! Component Zh BaiduMap 3.0.0.1 - SQL Injection author: DhiyaneshDk severity...

9.8CVSS7AI score0.58324EPSS
Exploits5References3
Nuclei
Nuclei
•added yesterday•23 views

WordPress Duplicator Plugin < 1.2.42 - Arbitrary Code Execution

An issue was discovered in Snap Creek Duplicator before 1.2.42. By accessing leftover installer files installer.php and installer-backup.php, an attacker can inject PHP code into wp-config.php during the database setup step, achieving arbitrary code execution. id: CVE-2018-17207 info: name:...

9.8CVSS7.2AI score0.58794EPSS
Exploits4References2
Nuclei
Nuclei
•added yesterday•19 views

Schneider Electric U.motion Builder - Remote Code Execution

U.motion Builder 1.3.4 contains a remote code execution vulnerability caused by improper input sanitization, allowing attackers to execute arbitrary system commands through crafted input parameters. id: CVE-2018-7841 info: name: Schneider Electric U.motion Builder - Remote Code Execution author:...

9.8CVSS7.5AI score0.72486EPSS
Exploits6References4
Nuclei
Nuclei
•added yesterday•78 views

Red Hat JBoss Enterprise Application Platform - Sensitive Information Disclosure

Red Hat JBoss Enterprise Application Platform 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 is susceptible to sensitive information disclosure. A remote attacker can obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true...

5CVSS7AI score0.53728EPSS
Exploits9References5
Nuclei
Nuclei
•added yesterday•58 views

FlexPaper/FlowPaper 2.3.6 - Remote Code Execution

The Publish Service in FlexPaper later renamed FlowPaper 2.3.6 allows remote code execution via setup.php and changeconfig.php. id: CVE-2018-11686 info: name: FlexPaper/FlowPaper 2.3.6 - Remote Code Execution author: iamnoooob,pdresearch,pszyszkowski severity: critical description: | The Publish...

9.8CVSS7.4AI score0.49787EPSS
Exploits4References1
Nuclei
Nuclei
•added yesterday•47 views

DedeCMS 5.7 - Path Disclosure

DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or inc/incarchivesfunctions.php id: CVE-2018-6910 info: name: DedeCMS 5.7 - Path Disclosure author: pikpikcu severity: high description: DedeCMS 5.7 allows remote attackers to discover t...

7.5CVSS7AI score0.18955EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•94 views

Citrix SD-WAN Center - Remote Command Injection

Citrix SD-WAN Center is susceptible to remote command injection via the apply action in StorageMgmtController. The callStoragePerl function does not sufficiently validate or sanitize HTTP request parameter values that are used to construct a shell command. An attacker can trigger this vulnerabili...

10CVSS7.1AI score0.42551EPSS
Exploits1References3
Nuclei
Nuclei
•added yesterday•67 views

Fortinet FortiOS - Cross-Site Scripting

Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below versions under SSL VPN web portal are vulnerable to cross-site scripting and allows attacker to execute unauthorized malicious script code via the error or message handling parameters. id: CVE-2018-13380 info: name:...

6.1CVSS6.4AI score0.62474EPSS
Exploits0References5
Nuclei
Nuclei
•added yesterday•51 views

IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion

IPConfigure Orchid Core VMS 2.0.5 is susceptible to local file inclusion. id: CVE-2018-10956 info: name: IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion author: 0xAkoko severity: high description: | IPConfigure Orchid Core VMS 2.0.5 is susceptible to local file inclusion. impact: | An...

7.5CVSS7AI score0.56318EPSS
Exploits6References5
Nuclei
Nuclei
•added yesterday•73 views

Oracle Secure Global Desktop Administration Console 4.4 - Cross-Site Scripting

Oracle Secure Global Desktop Administration Console 4.4 contains a reflected cross-site scripting vulnerability in helpwindow.jsp via all parameters, as demonstrated by the sgdadmin/faces/comsunwebui/help/helpwindow.jsp windowTitle parameter. id: CVE-2018-19439 info: name: Oracle Secure Global...

6.1CVSS6.4AI score0.20457EPSS
Exploits3References5
Nuclei
Nuclei
•added yesterday•43 views

Joomla! Component Cookex Agency CKForms - Local File Inclusion

A directory traversal vulnerability in the Cookex Agency CKForms comckforms component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1345 info: name: Joomla! Component Cookex Agency CKForms - Local File...

5CVSS6.2AI score0.16872EPSS
Exploits1References4
Nuclei
Nuclei
•added yesterday•33 views

Joomla! Component Joomla! Flickr 1.0 - Local File Inclusion

A directory traversal vulnerability in joomlaflickr.php in the Joomla! Flickr comjoomlaflickr component 1.0.3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1980 info: name: Joomla! Component...

7.5CVSS6.3AI score0.18835EPSS
Exploits3References5
Nuclei
Nuclei
•added yesterday•54 views

Joomla! Component com_communitypolls 1.5.2 - Local File Inclusion

A directory traversal vulnerability in the Community Polls comcommunitypolls component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1081 info: name: Joomla! Component...

5CVSS6.2AI score0.14331EPSS
Exploits1References4
Nuclei
Nuclei
•added yesterday•75 views

Joomla! Component com_gcalendar Suite 2.1.5 - Local File Inclusion

A directory traversal vulnerability in the GCalendar comgcalendar component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-0972 info: name: Joomla! Component comgcalendar Suite 2.1.5 -...

7.5CVSS6.3AI score0.13257EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•41 views

Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion

A directory traversal vulnerability in the Realtyna Translator comrealtyna component 1.0.15 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-2682 info: name: Joomla!...

7.5CVSS6.2AI score0.14311EPSS
Exploits2References5
Nuclei
Nuclei
•added yesterday•49 views

Citrix SD-WAN Center - Remote Command Injection

Citrix SD-WAN Center is susceptible to remote command injection via the traceroute function in DiagnosticsController, which does not sufficiently validate or sanitize HTTP request parameter values used to construct a shell command. An attacker can trigger this vulnerability by routing traffic...

10CVSS7.1AI score0.39544EPSS
Exploits1References3
Nuclei
Nuclei
•added yesterday•44 views

Adobe Experience Manager - XML External Entity Injection

Adobe Experience Manager 6.5, 6.4, 6.3 and 6.2 are susceptible to XML external entity injection. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2019-8086 info: name: Adobe...

7.5CVSS7AI score0.24141EPSS
Exploits0References5
Nuclei
Nuclei
•added yesterday•192 views

Jfrog Artifactory <6.17.0 - Default Admin Password

Jfrog Artifactory prior to 6.17.0 uses default passwords such as "password" for administrative accounts and does not require users to change them. This may allow unauthorized network-based attackers to completely compromise of Jfrog Artifactory. id: CVE-2019-17444 info: name: Jfrog Artifactory...

9.8CVSS7AI score0.69445EPSS
Exploits0References4
Nuclei
Nuclei
•added yesterday•17 views

TOTOLINK/Realtek Routers - CAPTCHA Bypass

On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via a POST request to the boafrm/formLogin URI with the JSON payload "topicurl":"setting/getSanvas". This allows an unauthenticated attacker to bypass CAPTCHA verification, gaining unauthorized access to restricted...

9.8CVSS7AI score0.29557EPSS
Exploits3References2
Nuclei
Nuclei
•added yesterday•159 views

FlightPath - Local File Inclusion

FlightPath versions prior to 4.8.2 and 5.0-rc2 are vulnerable to local file inclusion. id: CVE-2019-13396 info: name: FlightPath - Local File Inclusion author: 0xAkoko,daffainfo severity: medium description: FlightPath versions prior to 4.8.2 and 5.0-rc2 are vulnerable to local file inclusion...

5.3CVSS6.2AI score0.62572EPSS
Exploits5References5
Nuclei
Nuclei
•added yesterday•83 views

Cisco Small Business WAN VPN Routers - Sensitive Information Disclosure

Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated remote attacker to retrieve sensitive information due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and...

7.5CVSS6.8AI score0.99876EPSS
Exploits19References5
Nuclei
Nuclei
•added yesterday•76 views

Zoho ManageEngine OpManager - SQL Injection

Zoho ManageEngine OpManager before 12.3 Build 123196 does not require authentication for /oputilsServlet requests, as demonstrated by a /oputilsServlet?action=getAPIKey request that can be leveraged against Firewall Analyzer to add an admin user via /api/json/v2/admin/addUser or conduct a SQL...

7.5CVSS7AI score0.66347EPSS
Exploits1References2
Nuclei
Nuclei
•added yesterday•123 views

Ruby On Rails - Local File Inclusion

Ruby On Rails is vulnerable to local file inclusion caused by secondary decoding in Sprockets 3.7.1 and lower versions. An attacker can use %252e%252e/ to access the root directory and read or execute any file on the target server. id: CVE-2018-3760 info: name: Ruby On Rails - Local File Inclusio...

7.5CVSS7AI score0.26717EPSS
Exploits2References5
Total number of security vulnerabilities4145