Lucene search
K
NucleiRecent

4143 matches found

Nuclei
Nuclei
added 2 days ago99 views

NETGEAR ProSafe SSL VPN firmware - SQL Injection

NETGEAR ProSafe SSL VPN multiple firmware versions were discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi. id: CVE-2022-29383 info: name: NETGEAR ProSafe SSL VPN firmware - SQL Injection author: elitebaz severity: critical description: |...

9.8CVSS6.8AI score0.48957EPSS
Exploits1References5
Nuclei
Nuclei
added 2 days ago24 views

Apache ActiveMQ < 5.16.5/5.17.3 - Remote Code Execution

Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allows org.jolokia.http.AgentServlet to handler request to /api/jolokia org.jolokia.http.HttpRequestHandlerhandlePostRequest is able to create JmxRequest...

8.8CVSS7.1AI score0.8581EPSS
Exploits2References3
Nuclei
Nuclei
added 2 days ago83 views

Roxy-WI - Remote Code Execution

Roxy-WI before 6.1.1.0 is susceptible to remote code execution. System commands can be run remotely via the sshcommand function without processing the inputs received from the user in the /app/funct.py file. id: CVE-2022-31126 info: name: Roxy-WI - Remote Code Execution author: ritikchaddha...

10CVSS7.3AI score0.90387EPSS
Exploits15References3
Nuclei
Nuclei
added 2 days ago52 views

Dynamicweb 9.5.0 - 9.12.7 Unauthenticated Admin User Creation

Dynamicweb contains a vulnerability which allows an unauthenticated attacker to create a new administrative user. id: CVE-2022-25369 info: name: Dynamicweb 9.5.0 - 9.12.7 Unauthenticated Admin User Creation author: pdteam severity: critical description: Dynamicweb contains a vulnerability which...

9.8CVSS6.1AI score0.40739EPSS
Exploits0References2
Nuclei
Nuclei
added 2 days ago318 views

Oracle E-Business Suite <=12.2 - Authentication Bypass

Oracle E-Business Suite component: Manage Proxies 12.1 and 12.2 are susceptible to an easily exploitable vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise it by self-registering for an account. Successful attacks of this vulnerability can result in...

7.5CVSS7AI score0.70589EPSS
Exploits1References5
Nuclei
Nuclei
added 2 days ago102 views

Photo Gallery by 10Web < 1.6.0 - SQL Injection

The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the bwgtagidbwgthumbnails0 parameter before using it in a SQL statement via the bwgfrontenddata AJAX action available to unauthenticated and authenticated users, leading to an unauthenticated SQL injection id:...

9.8CVSS7.1AI score0.74615EPSS
Exploits4References4
Nuclei
Nuclei
added 2 days ago99 views

SpaceLogic C-Bus Home Controller <=1.31.460 - Remote Command Execution

SpaceLogic C-Bus Home Controller through 1.31.460 is susceptible to remote command execution via improper neutralization of special elements. Remote root exploit can be enabled when the command is compromised, and an attacker can potentially execute malware, obtain sensitive information, modify...

8.8CVSS7.2AI score0.71084EPSS
Exploits6References5
Nuclei
Nuclei
added 2 days ago83 views

Atom CMS v2.0 - Remote Code Execution

Atom CMS v2.0 was discovered to contain a remote code execution RCE vulnerability via /admin/uploads.php. id: CVE-2022-25487 info: name: Atom CMS v2.0 - Remote Code Execution author: theamanrawat severity: critical description: | Atom CMS v2.0 was discovered to contain a remote code execution RCE...

9.8CVSS7.4AI score0.54766EPSS
Exploits4References5
Nuclei
Nuclei
added 2 days ago10 views

Sunflower Simple and Personal 1.0.1.43315 - Remote Code Execution

Sunlogin Sunflower Simplified aka Sunflower Simple and Personal 1.0.1.43315 is vulnerable to a path traversal issue. A remote and unauthenticated attacker can execute arbitrary programs on the victim host by sending a crafted HTTP request, as demonstrated by /check?cmd=ping../ followed by the...

9.8CVSS7.2AI score0.56787EPSS
Exploits1References5
Nuclei
Nuclei
added 2 days ago64 views

Bangresto - SQL Injection

Bangresto 1.0 is vulnberable to SQL Injection via the itemqty%5B%5D parameter. id: CVE-2022-46443 info: name: Bangresto - SQL Injection author: Harsh severity: high description: | Bangresto 1.0 is vulnberable to SQL Injection via the itemqty%5B%5D parameter. impact: | Successful exploitation of...

8.8CVSS7.1AI score0.37729EPSS
Exploits1References3
Nuclei
Nuclei
added 2 days ago23 views

VMware Workspace ONE Access - Authentication Bypass

VMware Workspace ONE Access has two authentication bypass vulnerabilities CVE-2022-22955 & CVE-2022-22956 in the OAuth2 ACS framework. A malicious actor may bypass the authentication mechanism and execute any operation due to exposed endpoints in the authentication framework. id: CVE-2022-22956...

9.8CVSS7.2AI score0.50694EPSS
Exploits5References4
Nuclei
Nuclei
added 2 days ago72 views

F5 BIG-IP Appliance Mode - Command Injection

When running in Appliance mode, an authenticated user assigned the Administrator role may bypass Appliance mode restrictions, utilizing an undisclosed iControl REST endpoint. id: CVE-2022-41800 info: name: F5 BIG-IP Appliance Mode - Command Injection author: dwisiswant0 severity: high description...

9.8CVSS7.1AI score0.99956EPSS
Exploits70References5
Nuclei
Nuclei
added 2 days ago44 views

Joomla! Component CCNewsLetter - Local File Inclusion

A directory traversal vulnerability in the ccNewsletter comccnewsletter component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter in a ccnewsletter action to index.php. id: CVE-2010-0467 info: name: Joomla! Component CCNewsLetter -...

5.8CVSS6.4AI score0.43296EPSS
Exploits1References5
Nuclei
Nuclei
added 2 days ago177 views

Jolokia Agent - JNDI Code Injection

Jolokia agent is vulnerable to a JNDI injection vulnerability that allows a remote attacker to run arbitrary Java code on the server when the agent is in proxy mode. id: CVE-2018-1000130 info: name: Jolokia Agent - JNDI Code Injection author: milo2012 severity: high description: | Jolokia agent i...

8.1CVSS7.2AI score0.73566EPSS
Exploits1References5
Nuclei
Nuclei
added 2 days ago111 views

NagiosXI <= 5.4.12 `commandline.php` SQL injection

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/commandline.php cname parameter. id: CVE-2018-10735 info: name: NagiosXI = 5.4.12 commandline.php SQL injection author: DhiyaneshDk severity: high description: | A SQL injection issue was discovered in Nagios XI before...

7.2CVSS7AI score0.42556EPSS
Exploits2References2
Nuclei
Nuclei
added 2 days ago50 views

WP GDPR Compliance < 1.4.3 - Unauthenticated Call Any Action or Update Any Option

The WP GDPR Compliance plugin allows unauthenticated users to execute any action and update any database value. This vulnerability is due to the lack of proper validation in the Includes/Ajax.php file. id: CVE-2018-19207 info: name: WP GDPR Compliance 1.4.3 - Unauthenticated Call Any Action or...

9.8CVSS7.1AI score0.87294EPSS
Exploits4References2
Nuclei
Nuclei
added 2 days ago74 views

Western Digital MyCloud NAS - Authentication Bypass

It was discovered that the Western Digital My Cloud device before 2.30.196 is affected by an authentication bypass vulnerability. An unauthenticated attacker can exploit this vulnerability to authenticate as an admin user without needing to provide a password, thereby gaining full control of the...

10CVSS7.1AI score0.86586EPSS
Exploits6References5
Nuclei
Nuclei
added 2 days ago58 views

Ncomputing vSPace Pro 10 and 11 - Directory Traversal

Ncomputing vSpace Pro versions 10 and 11 suffer from a directory traversal vulnerability. id: CVE-2018-10201 info: name: Ncomputing vSPace Pro 10 and 11 - Directory Traversal author: 0xakoko severity: high description: Ncomputing vSpace Pro versions 10 and 11 suffer from a directory traversal...

7.5CVSS7AI score0.45627EPSS
Exploits5References5
Nuclei
Nuclei
added 2 days ago63 views

Atlassian Jira Confluence - Cross-Site Scripting

Atlassian Jira Confluence before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4, and from version 7.9.0 before version 7.9.2, allows remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting vulnerability in the error messa...

6.1CVSS6.7AI score0.37611EPSS
Exploits0References5
Nuclei
Nuclei
added 2 days ago40 views

Kubernetes Dashboard <1.10.1 - Authentication Bypass

Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster. id: CVE-2018-18264 info: name: Kubernetes Dashboard 1.10.1 - Authentication Bypass author: edoardottt severity: high description: | Kubernetes...

7.5CVSS7AI score0.70372EPSS
Exploits1References5
Nuclei
Nuclei
added 2 days ago26 views

Centos Web Panel 0.9.8.480 - Local File Inclusion

Centos Web Panel version 0.9.8.480 suffers from local file inclusion vulnerabilities. Other vulnerabilities including cross-site scripting and remote code execution are also known to impact this version. id: CVE-2018-18323 info: name: Centos Web Panel 0.9.8.480 - Local File Inclusion author:...

7.5CVSS7.3AI score0.70736EPSS
Exploits2References5
Nuclei
Nuclei
added 2 days ago69 views

D-Link Routers - Local File Inclusion

D-Link routers DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02,DWR-512 through 2.02,DWR-712 through 2.02,DWR-912 through 2.02, DWR-921 through 2.02, DWR-111 through 1.01, and probably others with the same type of firmware allows remote attackers to read arbitrary files via a /...

7.5CVSS7.1AI score0.39268EPSS
Exploits8References5
Nuclei
Nuclei
added 2 days ago54 views

CirCarLife Scada <4.3 - System Log Exposure

CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI. CirCarLife is an internet-connected electric vehicle charging station. id: CVE-2018-12634 info: name: CirCarLife Scada 4.3 - System Log...

9.8CVSS7.1AI score0.56829EPSS
Exploits5References5
Nuclei
Nuclei
added 2 days ago66 views

Joomla! Component News Portal 1.5.x - Local File Inclusion

A directory traversal vulnerability in the iJoomla News Portal comnewsportal component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1312 info: name: Joomla! Component News Portal 1.5.x - Local File...

5CVSS6.2AI score0.13621EPSS
Exploits2References4
Nuclei
Nuclei
added 2 days ago80 views

Joomla! Component Jphone 1.0 Alpha 3 - Local File Inclusion

A directory traversal vulnerability in jphone.php in the JPhone comjphone component 1.0 Alpha 3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-3426 info: name: Joomla! Component Jphone 1.0...

7.5CVSS6.3AI score0.14109EPSS
Exploits3References5
Nuclei
Nuclei
added 2 days ago51 views

Responsive filemanager 9.13.1 Server-Side Request Forgery

Responsive filemanager 9.13.1 is susceptible to server-side request forgery in upload.php via the url parameter. id: CVE-2018-14728 info: name: Responsive filemanager 9.13.1 Server-Side Request Forgery author: madrobot severity: critical description: Responsive filemanager 9.13.1 is susceptible t...

9.8CVSS7AI score0.76511EPSS
Exploits5References5
Nuclei
Nuclei
added 2 days ago49 views

WordPress Localize My Post 1.0 - Local File Inclusion

WordPress Localize My Post 1.0 is susceptible to local file inclusion via the ajax/include.php file parameter. id: CVE-2018-16299 info: name: WordPress Localize My Post 1.0 - Local File Inclusion author: 0xAkoko,0x240x23elu severity: high description: | WordPress Localize My Post 1.0 is susceptib...

7.5CVSS7AI score0.44358EPSS
Exploits2References5
Nuclei
Nuclei
added 2 days ago89 views

PrestaShop Responsive Mega Menu Module - Remote Code Execution

The 'Responsive Mega Menu' module for PrestaShop is prone to a remote code execution and SQL injection vulnerability. modules/bamegamenu/ajaxphpcode.php in the Responsive Mega Menu Horizontal+Vertical+Dropdown Pro module 1.0.32 for PrestaShop allows remote attackers to execute an SQL injection or...

9.8CVSS7.5AI score0.51572EPSS
Exploits1References5
Nuclei
Nuclei
added 2 days ago33 views

Joomla! Jtag Members Directory 5.3.7 - Local File Inclusion

Joomla! Jtag Members Directory 5.3.7 is vulnerable to local file inclusion via the downloadfile parameter. id: CVE-2018-6008 info: name: Joomla! Jtag Members Directory 5.3.7 - Local File Inclusion author: daffainfo severity: high description: Joomla! Jtag Members Directory 5.3.7 is vulnerable to...

7.5CVSS7AI score0.36823EPSS
Exploits5References5
Nuclei
Nuclei
added 2 days ago92 views

TIBCO JasperReports Library - Directory Traversal

The default server implementation of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library Community Edition, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for...

9.9CVSS6.9AI score0.79064EPSS
Exploits4References5
Nuclei
Nuclei
added 2 days ago12 views

VMware NSX SD-WAN Edge - Command Injection

VMware NSX SD-WAN Edge formerly VeloCloud Edge before 3.1.2 contains an unauthenticated command injection in the local web UI diagnostic tools Ping/Traceroute. This template detects it reliably by injecting 'id', 'whoami', and a random marker. id: CVE-2018-6961 info: name: VMware NSX SD-WAN Edge ...

8.1CVSS7AI score0.86431EPSS
Exploits6References3
Nuclei
Nuclei
added 2 days ago101 views

GitList < 0.6.0 Remote Code Execution

klaussilveira GitList version = 0.6 contains a passing incorrectly sanitized input via the searchTree function that can result in remote code execution. id: CVE-2018-1000533 info: name: GitList 0.6.0 Remote Code Execution author: pikpikcu severity: critical description: klaussilveira GitList...

9.8CVSS7.2AI score0.72967EPSS
Exploits2References5
Nuclei
Nuclei
added 2 days ago51 views

PrismaWEB - Credentials Disclosure

PrismaWEB is susceptible to credential disclosure. The vulnerability exists due to the disclosure of hard-coded credentials allowing an attacker to effectively bypass authentication of PrismaWEB with administrator privileges. The credentials can be disclosed by simply navigating to the loginpar.j...

9.8CVSS7AI score0.58528EPSS
Exploits2References4
Nuclei
Nuclei
added 2 days ago500 views

FUEL CMS 1.4.1 - Remote Code Execution

FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter. id: CVE-2018-16763 info: name: FUEL CMS 1.4.1 - Remote Code Execution author: pikpikcu severity: critical description: FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/...

9.8CVSS7AI score0.82937EPSS
Exploits17References5
Nuclei
Nuclei
added 2 days ago37 views

uWSGI PHP Plugin Local File Inclusion

uWSGI PHP Plugin before 2.0.17 mishandles a DOCUMENTROOT check during use of the --php-docroot option, making it susceptible to local file inclusion. id: CVE-2018-7490 info: name: uWSGI PHP Plugin Local File Inclusion author: madrobot severity: high description: uWSGI PHP Plugin before 2.0.17...

7.5CVSS7AI score0.69907EPSS
Exploits5References5
Nuclei
Nuclei
added 2 days ago280 views

ACME mini_httpd <1.30 - Local File Inclusion

ACME minihttpd before 1.30 is vulnerable to local file inclusion. id: CVE-2018-18778 info: name: ACME minihttpd 1.30 - Local File Inclusion author: DhiyaneshDK,dogasantos severity: medium description: ACME minihttpd before 1.30 is vulnerable to local file inclusion. impact: | Successful...

6.5CVSS6.7AI score0.74036EPSS
Exploits0References5
Nuclei
Nuclei
added 2 days ago41 views

WirelessHART Fieldgate SWG70 3.0 - Local File Inclusion

WirelessHART Fieldgate SWG70 3.0 is vulnerable to local file inclusion via the fcgi-bin/wgsetcgi filename parameter. id: CVE-2018-16059 info: name: WirelessHART Fieldgate SWG70 3.0 - Local File Inclusion author: daffainfo severity: medium description: WirelessHART Fieldgate SWG70 3.0 is vulnerabl...

5.3CVSS6.2AI score0.29816EPSS
Exploits1References5
Nuclei
Nuclei
added 2 days ago152 views

Apache Struts2 S2-062 - Remote Code Execution

Apache Struts2 S2-062 is vulnerable to remote code execution. The fix issued for CVE-2020-17530 S2-061 was incomplete, meaning some of the tag's attributes could still perform a double evaluation if a developer applied forced OGNL evaluation by using the %... syntax. id: CVE-2021-31805 info: name...

9.8CVSS7.1AI score0.95922EPSS
Exploits16References5
Nuclei
Nuclei
added 2 days ago23 views

Laminas Project laminas-http - Remote Code Execution

Laminas Project laminas-http 2.14.2 and Zend Framework 3.0.0 contain a deserialization vulnerability caused by destruct method in Zend\Http\Response\Stream, letting attackers control content lead to remote code execution, exploit requires attacker-controlled serialized data. id: CVE-2021-3007...

9.8CVSS7.3AI score0.75313EPSS
Exploits3References2
Nuclei
Nuclei
added 2 days ago106 views

D-Link DAP-1620 - Local File Inclusion

D-Link DAP-1620 is susceptible to local file Inclusion due to path traversal that can lead to unauthorized internal files reading /etc/passwd and /etc/shadow. id: CVE-2021-46381 info: name: D-Link DAP-1620 - Local File Inclusion author: 0xAkoko severity: high description: D-Link DAP-1620 is...

7.5CVSS6.7AI score0.57984EPSS
Exploits4References5
Nuclei
Nuclei
added 2 days ago110 views

CommScope Ruckus IoT Controller - Information Disclosure

CommScope Ruckus IoT Controller is susceptible to information disclosure vulnerabilities because a 'service details' API endpoint discloses system and configuration information to an attacker without requiring authentication. This information includes DNS and NTP servers that the devices use for...

9.8CVSS7AI score0.5699EPSS
Exploits3References5
Nuclei
Nuclei
added 2 days ago155 views

Cisco IOS HTTP Configuration - Authentication Bypass

HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL. id: CVE-2001-0537 info: name: Cisco IOS HTTP Configuration - Authentication Bypass author:...

9.3CVSS6.3AI score0.6845EPSS
Exploits8References5
Nuclei
Nuclei
added 2 days ago44 views

Dolibarr ERP/CRM 3.2 Alpha - Multiple Directory Traversal Vulnerabilities

Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 Alpha allow remote attackers to read arbitrary files and possibly execute arbitrary code via a .. dot dot in the 1 file parameter to document.php or 2 backtopage parameter in a create action to comm/action/fiche.php. id:...

7.5CVSS6.3AI score0.251EPSS
Exploits1References5
Nuclei
Nuclei
added 2 days ago92 views

Telesquare TLR-2855KS6 - Arbitrary File Creation

An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow creation of CGI scripts. id: CVE-2021-46418 info: name: Telesquare TLR-2855KS6 - Arbitrary File Creation author: DhiyaneshDK severity: high description: | An unauthorized file creation vulnerability in...

7.5CVSS7AI score0.23945EPSS
Exploits4References3
Nuclei
Nuclei
added 2 days ago178 views

Change Detection - Server Side Template Injection

A Server Side Template Injection in changedetection.io caused by usage of unsafe functions of Jinja2 allows Remote Command Execution on the server host. id: CVE-2024-32651 info: name: Change Detection - Server Side Template Injection author: edoardottt severity: critical description: | A Server...

10CVSS7.1AI score0.83722EPSS
Exploits5References4
Nuclei
Nuclei
added 2 days ago68 views

GeoServer and GeoTools - Remote Code Execution

GeoTools is an open source Java library that provides tools for geospatial data. Prior to versions 31.2, 30.4, and 29.6, Remote Code Execution RCE is possible if an application uses certain GeoTools functionality to evaluate XPath expressions supplied by user input. Versions 31.2, 30.4, and 29.6...

9.8CVSS7.2AI score0.99813EPSS
Exploits25References3
Nuclei
Nuclei
added 2 days ago153 views

GiveWP - PHP Object Injection

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'givetitle' parameter. id: CVE-2024-5932 info: name: GiveWP - PHP Object Injection author:...

10CVSS7.1AI score0.74283EPSS
Exploits11References7
Nuclei
Nuclei
added 2 days ago92 views

JeecgBoot v3.7.1 - SQL Injection

The JeecgBoot application is vulnerable to SQL Injection via the getTotalData endpoint. An attacker can exploit this vulnerability to extract sensitive information from the database by injecting SQL commands. id: CVE-2024-48307 info: name: JeecgBoot v3.7.1 - SQL Injection author: lbb,s4e-io...

9.8CVSS6.1AI score0.4457EPSS
Exploits1References2
Nuclei
Nuclei
added 2 days ago55 views

D-LINK DNS-320L,DNS-320LW and DNS-327L - Information Disclosure

A vulnerability has been found in D-Link DNS-320L, DNS-320LW and DNS-327L up to 20240403 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/info.cgi of the component HTTP GET Request Handler. id: CVE-2024-3274 info: name: D-LINK...

5.3CVSS5.7AI score0.33484EPSS
Exploits0References3
Nuclei
Nuclei
added 2 days ago25 views

Error Log Viewer By WP Guru <= 1.0.1.3 - Missing Authorization to Arbitrary File Read

The Error Log Viewer By WP Guru plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.0.1.3 via the wpajaxnoprivelvwplogdownload AJAX action. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, whi...

7.5CVSS7AI score0.46858EPSS
Exploits1References4
Total number of security vulnerabilities4143