Lucene search
K
NucleiRecent

4145 matches found

Nuclei
Nuclei
•added yesterday•49 views

Grafana - Improper Access Control

Grafana 2.x through 6.x before 6.3.4 is susceptible to improper access control. An attacker can delete and create arbitrary snapshots, leading to denial of service. id: CVE-2019-15043 info: name: Grafana - Improper Access Control author: Joshua Rogers severity: high description: | Grafana 2.x...

7.5CVSS6.8AI score0.63388EPSS
Exploits1References6
Nuclei
Nuclei
•added yesterday•41 views

SquirrelMail 1.4.x - Folder Name Cross-Site Scripting

Multiple cross-site scripting XSS vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php. id: CVE-2004-0519 info: name: SquirrelMail 1.4.x -...

6.8CVSS6.3AI score0.22528EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•29 views

Open Bulletin Board (OpenBB) v1.0.6 - Open Redirect/XSS

Multiple cross-site scripting XSS vulnerabilities in Open Bulletin Board OpenBB 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 redirect parameter to member.php, 2 to parameter to myhome.php 3 TID parameter to post.php, or 4 redirect parameter to...

4.3CVSS6.2AI score0.08442EPSS
Exploits3References5
Nuclei
Nuclei
•added yesterday•62 views

WordPress Plugin All-in-One Event Calendar 1.4 - Cross-Site Scripting

Multiple cross-site scripting vulnerabilities in the All-in-One Event Calendar plugin 1.4 and 1.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 title parameter to app/view/agenda-widget-form.php; 2 args, 3 title, 4 beforetitle, or 5 aftertitle parameter to...

4.3CVSS6.2AI score0.08946EPSS
Exploits2References3
Nuclei
Nuclei
•added yesterday•66 views

elFinder < 2.1.58 - Remote Code Execution

studio-42/elfinder before 2.1.58 contains a remote code execution caused by execution of PHP code in a .phar file, letting attackers execute arbitrary PHP code if the server parses .phar files as PHP, exploit requires server to parse .phar files as PHP. id: CVE-2021-23394 info: name: elFinder...

9.8CVSS7.5AI score0.19083EPSS
Exploits1References4
Nuclei
Nuclei
•added yesterday•57 views

WordPress Modern Events Calendar Lite <5.16.5 - Authenticated Arbitrary File Upload

WordPress Modern Events Calendar Lite plugin before 5.16.5 is susceptible to authenticated arbitrary file upload. The plugin does not properly check the imported file, allowing PHP files to be uploaded and/or executed by an administrator or other high-privilege user using the text/csv content-typ...

7.2CVSS7.2AI score0.88158EPSS
Exploits9References5
Nuclei
Nuclei
•added yesterday•188 views

Gurock TestRail Application files.md5 Exposure

Improper access control in Gurock TestRail versions 7.2.0.3014 resulted in sensitive information exposure. A threat actor can access the /files.md5 file on the client side of a Gurock TestRail application, disclosing a full list of application files and the corresponding file paths which can then...

7.5CVSS6.9AI score0.48417EPSS
Exploits4References5
Nuclei
Nuclei
•added yesterday•102 views

BackupBuddy - Local File Inclusion

BackupBuddy versions 8.5.8.0 - 8.7.4.1 are vulnerable to a local file inclusion vulnerability via the 'download' and 'local-destination-id' parameters. id: CVE-2022-31474 info: name: BackupBuddy - Local File Inclusion author: aringo severity: high description: BackupBuddy versions 8.5.8.0 - 8.7.4...

7.5CVSS7AI score0.63761EPSS
Exploits2References5
Nuclei
Nuclei
•added yesterday•46 views

Dairy Farm Shop Management System 1.0 - SQL Injection

Dairy Farm Shop Management System 1.0 contains multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context ...

9.8CVSS7.1AI score0.19478EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•258 views

ZTE MF971R - Referer authentication bypass

ZTE MF971R product has a Referer authentication bypass vulnerability. Without CSRF verification, an attackercould use this vulnerability to perform illegal authorization operations by sending a request to the user to click. id: CVE-2021-21745 info: name: ZTE MF971R - Referer authentication bypass...

4.3CVSS6.7AI score0.55709EPSS
Exploits0References4
Nuclei
Nuclei
•added yesterday•9 views

Lodash Template - Server-Side Template Injection (RCE)

Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function. id: CVE-2021-23337 info: name: Lodash Template - Server-Side Template Injection RCE author: DhiyaneshDk severity: high description: | Lodash versions prior to 4.17.21 are vulnerable to Command Injectio...

7.2CVSS6.7AI score0.2241EPSS
Exploits3References4
Nuclei
Nuclei
•added yesterday•120 views

Sercomm VD625 Smart Modems - CRLF Injection

Sercomm AGCOMBO VD625 Smart Modems with firmware version AGSOT2.1.0 are vulnerable to Carriage Return Line Feed CRLF injection via the Content-Disposition header. id: CVE-2021-27132 info: name: Sercomm VD625 Smart Modems - CRLF Injection author: geeknik severity: critical description: Sercomm...

9.8CVSS7AI score0.16062EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•147 views

MERCUSYS Mercury X18G 1.0.5 Router - Local File Inclusion

MERCUSYS Mercury X18G 1.0.5 devices are vulnerable to local file inclusion via ../ in conjunction with a loginLess or login.htm URI for authentication bypass to the web server, as demonstrated by the /loginLess/../../etc/passwd URI. id: CVE-2021-23241 info: name: MERCUSYS Mercury X18G 1.0.5 Route...

5.3CVSS6.6AI score0.13436EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•57 views

D-Link DIR-605 - Information Disclosure

An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version - 2.01MT. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page id: CVE-2021-40655 info: name: D-Link DIR-605 - Information Disclosure author: DhiyaneshDK severity: high...

7.5CVSS7.1AI score0.87039EPSS
Exploits1References2
Nuclei
Nuclei
•added yesterday•86 views

CentOS Web Panel - SQL Injection

The unprivileged user portal part of CentOS Web Panel is affected by a SQL Injection via the 'idsession' HTTP POST parameter. id: CVE-2021-31316 info: name: CentOS Web Panel - SQL Injection author: ritikchaddha severity: critical description: | The unprivileged user portal part of CentOS Web Pane...

10CVSS7.1AI score0.13029EPSS
Exploits1References2
Nuclei
Nuclei
•added yesterday•140 views

GitLab GraphQL API User Enumeration

An unauthenticated remote attacker can leverage this vulnerability to collect registered GitLab usernames, names, and email addresses. id: CVE-2021-4191 info: name: GitLab GraphQL API User Enumeration author: zsusac severity: medium description: An unauthenticated remote attacker can leverage thi...

5.3CVSS6.8AI score0.80004EPSS
Exploits4References5
Nuclei
Nuclei
•added yesterday•97 views

Nortek Linear eMerge E3-Series - Cross-Site Scripting

There is a local session fixation vulnerability that, when chained with cross-site scripting, leads to account take over of admin or a lower privileged user. id: CVE-2022-31798 info: name: Nortek Linear eMerge E3-Series - Cross-Site Scripting author: ritikchaddha severity: medium description: |...

6.1CVSS6.3AI score0.06652EPSS
Exploits2References5
Nuclei
Nuclei
•added yesterday•43 views

Simple File List < 4.4.12 - Cross Site Scripting

The plugin does not escape parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting id: CVE-2022-3062 info: name: Simple File List 4.4.12 - Cross Site Scripting author: r3Y3r53 severity: medium description: | The plugin does not escape parameters before...

6.1CVSS6.8AI score0.44095EPSS
Exploits2References4
Nuclei
Nuclei
•added yesterday•18 views

Sassy Social Share <= 3.3.3 - Cross-Site Scripting

The Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'urls' parameter called via the 'heateorssssharingcount' AJAX action in versions up to, and including, 3.3.3 due to insufficient input sanitization and output escaping. This makes it possible for...

6.1CVSS6.2AI score0.1544EPSS
Exploits1References3
Nuclei
Nuclei
•added yesterday•40 views

College Management System 1.0 - SQL Injection

College Management System 1.0 contains a SQL injection vulnerability via the course code parameter. id: CVE-2022-28079 info: name: College Management System 1.0 - SQL Injection author: ritikchaddha severity: high description: | College Management System 1.0 contains a SQL injection vulnerability...

8.8CVSS7.1AI score0.28826EPSS
Exploits5References5
Nuclei
Nuclei
•added yesterday•122 views

Simple Task Managing System v1.0 - SQL Injection

SQL injection occurs when a web application doesn't properly validate or sanitize user input that is used in SQL queries. Attackers can exploit this by injecting malicious SQL code into the input fields of a web application, tricking the application into executing unintended database queries. id:...

9.8CVSS7.1AI score0.20693EPSS
Exploits5References5
Nuclei
Nuclei
•added yesterday•65 views

WordPress ARPrice <3.6.1 - SQL Injection

WordPress ARPrice plugin prior to 3.6.1 contains a SQL injection vulnerability. It fails to properly sanitize and escape user supplied POST data before being inserted in an SQL statement and executed via an AJAX action. An attacker can possibly obtain sensitive information, modify data, and/or...

9.8CVSS7.2AI score0.13256EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•190 views

QNAP QTS Photo Station External Reference - Local File Inclusion

QNAP QTS Photo Station External Reference is vulnerable to local file inclusion via an externally controlled reference to a resource vulnerability. If exploited, this could allow an attacker to modify system files. The vulnerability is fixed in the following versions: QTS 5.0.1: Photo Station 6.1...

10CVSS7AI score0.87908EPSS
Exploits0
Nuclei
Nuclei
•added yesterday•74 views

VMware - Local File Inclusion

VMware Workspace ONE Access, Identity Manager, and Realize Automation are vulnerable to local file inclusion because they contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access withou...

9.8CVSS7.1AI score0.18994EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•51 views

Download Monitor < 4.4.5 - SQL Injection

The Download Monitor plugin for WordPress is vulnerable to SQL injection via the 'orderby' parameter in versions before 4.4.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attacker...

7.2CVSS7AI score0.17484EPSS
Exploits5References3
Nuclei
Nuclei
•added yesterday•90 views

SonLogger - Arbitrary File Upload

SonLogger before 6.4.1 is affected by Unauthenticated Arbitrary File Upload. An attacker can send a POST request to /Config/SaveUploadedHotspotLogoFile without any authentication or session header. There is no check for the file extension or content of the uploaded file. id: CVE-2021-27964 info:...

9.8CVSS7AI score0.46021EPSS
Exploits5References2
Nuclei
Nuclei
•added yesterday•61 views

WordPress Photo Gallery by 10Web <1.5.69 - Cross-Site Scripting

WordPress Photo Gallery by 10Web plugin before 1.5.69 contains multiple reflected cross-site scripting vulnerabilities via the galleryid, tag, albumid and themeid GET parameters passed to the bwgfrontenddata AJAX action, available to both unauthenticated and authenticated users. id: CVE-2021-2429...

6.1CVSS6.5AI score0.1445EPSS
Exploits2References3
Nuclei
Nuclei
•added yesterday•63 views

CHIYU TCP/IP Converter - Cross-Site Scripting

CHIYU BF-430, BF-431 and BF-450M TCP/IP Converter devices contain a cross-site scripting vulnerability due to a lack of sanitization of the input on the components man.cgi, if.cgi, dhcpc.cgi, and ppp.cgi. id: CVE-2021-31250 info: name: CHIYU TCP/IP Converter - Cross-Site Scripting author: geeknik...

5.4CVSS6.2AI score0.79605EPSS
Exploits4References5
Nuclei
Nuclei
•added yesterday•86 views

WordPress Asgaros Forum <1.15.13 - SQL Injection

WordPress Asgaros Forum plugin before 1.15.13 is susceptible to SQL injection. The plugin does not validate and escape user input when subscribing to a topic before using it in a SQL statement. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized...

9.8CVSS7.1AI score0.13285EPSS
Exploits3References5
Nuclei
Nuclei
•added yesterday•57 views

rConfig <=3.9.4 - SQL Injection

rConfig 3.9.4 and prior has unauthenticated snippets.inc.php SQL injection. Because nodes' passwords are stored in cleartext by default, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices. id: CVE-2020-10549 info: name: rConfig 3.9.4 or apply th...

9.8CVSS7AI score0.36164EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•17 views

PSW Front-end Login & Registration 1.13 - Weak Password Recovery

PSW Front-end Login & Registration plugin for WordPress contains a weak password recovery mechanism that can be exploited by unauthenticated attackers. This vulnerability affects versions through 1.13 and allows attackers to potentially gain unauthorized access. id: CVE-2025-47646 info: name: PSW...

9.8CVSS7AI score0.21914EPSS
Exploits3References5
Nuclei
Nuclei
•added yesterday•123 views

Wordpress Country State City Dropdown <=2.7.2 - SQL Injection

The Country State City Dropdown CF7 plugin for WordPress is vulnerable to SQL Injection via the ‘cnt’ and 'sid' parameters in versions up to, and including, 2.7.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes i...

9.8CVSS6.1AI score0.13618EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•26 views

DotNetNuke 9.2 - 9.2.1 - Weak Encryption & Cookie Deserialization

DNN DotNetNuke versions 9.2 through 9.2.1 use a weak encryption algorithm to protect input parameters. This cryptographic weakness enables attackers to craft malicious DNNPersonalization cookies that can be deserialized, leading to remote code execution. id: CVE-2018-15811 info: name: DotNetNuke...

7.5CVSS7.1AI score0.74048EPSS
Exploits4References4
Nuclei
Nuclei
•added yesterday•201 views

Oracle WebLogic Server - Remote Code Execution

Oracle WebLogic Server Oracle Fusion Middleware component: WLS Core Components is susceptible to a remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 2.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability could allow unauthenticated...

9.8CVSS7.5AI score0.93168EPSS
Exploits18References5
Nuclei
Nuclei
•added yesterday•25 views

PyArrow Flight RPC - Remote Code Execution

PyArrow Flight RPC from v0.14.0 through v14.0.0 allows remote attackers to execute arbitrary code via a maliciously crafted Python-defined extension type. id: CVE-2023-47248 info: name: PyArrow Flight RPC - Remote Code Execution author: smolse severity: critical description: | PyArrow Flight RPC...

9.8CVSS7AI score0.14414EPSS
Exploits0References4
Nuclei
Nuclei
•added yesterday•244 views

Responsive FileManager <9.13.4 - Local File Inclusion

Responsive FileManager before version 9.13.4 is vulnerable to local file inclusion via filemanager/ajaxcalls.php because it uses external input to construct a pathname that should be within a restricted directory, aka local file inclusion. id: CVE-2018-15535 info: name: Responsive FileManager...

7.5CVSS6.7AI score0.45242EPSS
Exploits5References5
Nuclei
Nuclei
•added yesterday•63 views

DokuWiki - Cross-Site Scripting

DokuWiki through 2017-02-19b contains a cross-site scripting vulnerability in the DATEAT parameter to doku.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based...

6.1CVSS6.9AI score0.03253EPSS
Exploits1References3
Nuclei
Nuclei
•added yesterday•28 views

Simple Online Planning Tool <1.3.2 - Local File Inclusion

SOPlanning 1.32 contain a directory traversal in the filegetcontents function via a .. dot dot in the fichier parameter. id: CVE-2014-8676 info: name: Simple Online Planning Tool 1.3.2 - Local File Inclusion author: 0xAkoko severity: medium description: | SOPlanning 1.32 contain a directory...

5.3CVSS6.5AI score0.40779EPSS
Exploits4References5
Nuclei
Nuclei
•added yesterday•127 views

Kyocera Printer d-COPIA253MF - Directory Traversal

Kyocera Printer d-COPIA253MF plus is susceptible to a directory traversal vulnerability which could allow an attacker to retrieve or view arbitrary files from the affected server. id: CVE-2020-23575 info: name: Kyocera Printer d-COPIA253MF - Directory Traversal author: 0xAkoko severity: high...

7.5CVSS6.8AI score0.36765EPSS
Exploits0References4
Nuclei
Nuclei
•added yesterday•100 views

Fortinet FortiSandbox - Command Injection

Fortinet FortiSandbox 4.4.0 through 4.4.8 contains a command injection caused by improper neutralization of special elements in OS commands, letting attackers execute unauthorized code or commands, exploit requires crafted input. id: CVE-2026-39808 info: name: Fortinet FortiSandbox - Command...

9.8CVSS7.2AI score0.48668EPSS
Exploits6References2
Nuclei
Nuclei
•added yesterday•69 views

Joomla! Component SmartSite 1.0.0 - Local File Inclusion

A directory traversal vulnerability in the SmartSite comsmartsite component 1.0.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1657 info: name: Joomla! Component SmartSite 1.0.0 - Local File Inclusion author:...

5CVSS6.2AI score0.19192EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•82 views

Download Monitor <= 4.7.60 - Sensitive Information Exposure

The Download Monitor plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.7.60 via REST API. This can allow unauthenticated attackers to extract sensitive data including user reports, download reports, and user data including email, role, id and...

7.5CVSS7AI score0.38083EPSS
Exploits0References4
Nuclei
Nuclei
•added yesterday•35 views

Jira Improper Authorization

The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to enumerate usernames via an incorrect authorisation check. id: CVE-2019-8446 info: name: Jira Improper Authorization author: dhiyaneshDk severity: medium description: The /rest/issueNav/1/issueTable...

5.3CVSS6.3AI score0.1755EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•45 views

Jolokia 1.3.7 - Cross-Site Scripting

Jolokia 1.3.7 is vulnerable to cross-site scripting in the HTTP servlet and allows an attacker to execute malicious JavaScript in the victim's browser. id: CVE-2018-1000129 info: name: Jolokia 1.3.7 - Cross-Site Scripting author: mavericknerd,0h1in9e,daffainfo severity: medium description: |...

6.1CVSS6.7AI score0.25459EPSS
Exploits1References5
Nuclei
Nuclei
•added yesterday•48 views

Fonality trixbox - Local File Inclusion

Multiple local file inclusion vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. dot dot in the lang parameter to 1 home/index.php, 2 asteriskinfo/asteriskinfo.php, 3 repo/repo.php, or 4 endpointcfg/endpointcfg.php in maint/modules/. id: CVE-2014-5111 info...

5CVSS6.2AI score0.21237EPSS
Exploits1References4
Nuclei
Nuclei
•added yesterday•179 views

WordPress NotificationX <2.3.9 - SQL Injection

WordPress NotificationX plugin prior to 2.3.9 contains a SQL injection vulnerability. The plugin does not sanitize and escape the nxid parameter before using it in a SQL statement, leading to an unauthenticated blind SQL injection. An attacker can possibly obtain sensitive information, modify dat...

9.8CVSS7.1AI score0.34359EPSS
Exploits2References5
Nuclei
Nuclei
•added yesterday•59 views

Apache Kylin - Exposed Configuration File

Apache Kylin 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 3.0.0-alpha, 3.0.0-alpha2, 3.0.0-beta, 3.0.0, 3.0.1, 3.0.2, 3.1.0, 4.0.0-alpha have one REST API which exposed Kylin's configuration information without...

5.3CVSS6.2AI score0.78331EPSS
Exploits0References5
Nuclei
Nuclei
•added yesterday•63 views

LDAP Injection In OpenAM

OpenAM contains an LDAP injection vulnerability. When a user tries to reset his password, they are asked to enter username, and then the backend validates whether the user exists or not through an LDAP query. If the user exists, the password reset token is sent to the user's email. Enumeration ca...

7.5CVSS7AI score0.76385EPSS
Exploits5References5
Nuclei
Nuclei
•added yesterday•20 views

Langflow - Broken Access Control

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0.dev45, multiple critical API endpoints in Langflow are missing authentication controls. The issue allows any unauthenticated user to access sensitive user conversation data, transaction histories...

9.3CVSS7.1AI score0.20655EPSS
Exploits1References2
Nuclei
Nuclei
•added yesterday•129 views

Cybrotech CyBroHttpServer 1.0.3 - Local File Inclusion

Cybrotech CyBroHttpServer 1.0.3 is vulnerable to local file inclusion in the URI. id: CVE-2018-16133 info: name: Cybrotech CyBroHttpServer 1.0.3 - Local File Inclusion author: 0xAkoko severity: medium description: Cybrotech CyBroHttpServer 1.0.3 is vulnerable to local file inclusion in the URI...

5.3CVSS6.2AI score0.39279EPSS
Exploits5References5
Total number of security vulnerabilities4145