Lucene search
K
NucleiRecent

4143 matches found

Nuclei
Nuclei
•added 2 days ago•31 views

CyberPanel - Command Injection

CyberPanel contains a command injection vulnerability in the /ftp/getresetstatus and /dns/getresetstatus endpoints.The vulnerability exists due to improper validation of the 'statusfile' parameter, which is directly used in a shell command.The security middleware only validates POST requests,...

10CVSS7.1AI score0.94798EPSS
Exploits7References3
Nuclei
Nuclei
•added 2 days ago•163 views

Oracle WebLogic Server Administration Console - Remote Code Execution

The Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Web Services versions 0.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0 contain an easily exploitable vulnerability that allows unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic Server. id:...

9.8CVSS7.1AI score0.8883EPSS
Exploits11References5
Nuclei
Nuclei
•added 2 days ago•61 views

Atlassian Crowd and Crowd Data Center - Unauthenticated Remote Code Execution

Atlassian Crowd and Crowd Data Center is susceptible to a remote code execution vulnerability because the pdkinstall development plugin is incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit...

9.8CVSS7.6AI score0.95355EPSS
Exploits6References5
Nuclei
Nuclei
•added 3 days ago•139 views

Apache Tomcat - Open Redirect

Apache Tomcat versions prior to 9.0.12, 8.5.34, and 7.0.91 are prone to an open-redirection vulnerability because it fails to properly sanitize user-supplied input. id: CVE-2018-11784 info: name: Apache Tomcat - Open Redirect author: geeknik severity: medium description: | Apache Tomcat versions...

4.3CVSS6.6AI score0.94494EPSS
Exploits3References5
Nuclei
Nuclei
•added 3 days ago•16 views

Citrix SD-WAN and NetScaler SD-WAN - SQL Injection

Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 contain an SQL injection vulnerability. An unauthenticated attacker can exploit improper validation of input in specific components, which could allow for execution of arbitrary SQL queries against the backend database...

9.8CVSS7.2AI score0.94046EPSS
Exploits5References4
Nuclei
Nuclei
•added 4 days ago•126 views

Media Library Assistant < 3.09 - Remote Code Execution/Local File Inclusion

A vulnerability in the Wordpress Media-Library-Assistant plugins in version 3.09 is vulnerable to a local file inclusion which leading to RCE on default Imagegick installation/configuration. id: CVE-2023-4634 info: name: Media Library Assistant 3.09 - Remote Code Execution/Local File Inclusion...

9.8CVSS7AI score0.82585EPSS
Exploits6References5
Nuclei
Nuclei
•added 4 days ago•105 views

PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)

Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31. id: CVE-2023-0297 info: name: PyLoad 0.5.0 - Pre-auth Remote Code Execution RCE author: MrHarshvardhan,DhiyaneshDk severity: critical description: | Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31...

9.8CVSS6.7AI score0.95845EPSS
Exploits14References5
Nuclei
Nuclei
•added 4 days ago•151 views

Unauthenticated Remote Code Execution – Bricks <= 1.9.6

Bricks Builder is a popular WordPress development theme with approximately 25,000 active installations. It provides an intuitive drag-and-drop interface for designing and building WordPress websites. Bricks = 1.9.6 is vulnerable to unauthenticated remote code execution RCE which means that anybod...

10CVSS7.5AI score0.88234EPSS
Exploits18References5
Nuclei
Nuclei
•added 4 days ago•54 views

Hardcoded Admin Credentials For Cisco Smart Licensing Utility API

A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to log in to an affected system by using a static administrative credential.This vulnerability is due to an undocumented static user credential for an administrative account. An attacker could exploit...

9.8CVSS7.1AI score0.91911EPSS
Exploits0References2
Nuclei
Nuclei
•added 4 days ago•82 views

Ivanti EPM - Credential Coercion Vulnerability in GetHashForWildcard

A vulnerability in Ivanti Endpoint Manager EPM allows an unauthenticated attacker to coerce the EPM machine account credential via the GetHashForWildcard endpoint. The vulnerability exists due to improper input validation in the wildcard parameter, allowing an attacker to specify a remote UNC pat...

9.8CVSS7.2AI score0.89738EPSS
Exploits1References2
Nuclei
Nuclei
•added 4 days ago•95 views

VMware Aria Operations for Networks - Remote Code Execution

Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials may be able to perform a deserialization attack resulting in remote code execution. id:...

8.8CVSS7.3AI score0.82282EPSS
Exploits0References2
Nuclei
Nuclei
•added 4 days ago•67 views

Metabase < 0.46.6.1 - Remote Code Execution

Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2...

9.8CVSS7.3AI score0.97924EPSS
Exploits37References6
Nuclei
Nuclei
•added 4 days ago•29 views

D-Link Network Attached Storage - Backdoor Account

A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nassharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user...

10CVSS6.9AI score0.98038EPSS
Exploits2References2
Nuclei
Nuclei
•added 4 days ago•56 views

ManageEngine ADManager Plus - Command Injection

Zoho ManageEngine ADManager Plus through 7180 allows for authenticated users to exploit command injection via Proxy settings. id: CVE-2023-29084 info: name: ManageEngine ADManager Plus - Command Injection author: rootxharsh,iamnoooob,pdresearch severity: high description: | Zoho ManageEngine...

7.2CVSS7AI score0.98388EPSS
Exploits2References5
Nuclei
Nuclei
•added 4 days ago•46 views

ManageEngine ServiceDesk 9.3.9328 - Arbitrary File Retrieval

ManageEngine ServiceDesk 9.3.9328 is vulnerable to an arbitrary file retrieval due to improper restrictions of the pathname used in the name parameter for the download-snapshot path. An unauthenticated remote attacker can use this vulnerability to download arbitrary files. id: CVE-2017-11512 info...

7.5CVSS7.1AI score0.79604EPSS
Exploits0References5
Nuclei
Nuclei
•added 4 days ago•64 views

Oracle Fusion Middleware Weblogic Server - Remote OS Command Execution

The Oracle WebLogic Server component of Oracle Fusion Middleware Web Services versions 10.3.6.0, 12.1.3.0, 12.2.1.0, 12.2.1.1 and 12.2.1.2 is susceptible to a difficult to exploit vulnerability that could allow unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic...

7.4CVSS7AI score0.96281EPSS
Exploits9References5
Nuclei
Nuclei
•added 4 days ago•114 views

Apache Airflow <=1.10.10 - Remote Code Execution

Apache Airflow versions 1.10.10 and below are vulnerable to remote code/command injection vulnerabilities in one of the example DAGs shipped with Airflow. This could allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler depending on the executor in us...

8.8CVSS7.2AI score0.99118EPSS
Exploits9References5
Nuclei
Nuclei
•added 4 days ago•83 views

TerraMaster TOS - Unauthenticated Remote Command Execution

TerraMaster TOS = 4.2.06 is susceptible to a remote code execution vulnerability which could allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php via the Event parameter. id: CVE-2020-28188 info: name: TerraMaster TOS - Unauthenticated Remote Command Execution...

10CVSS7.5AI score0.96598EPSS
Exploits3References5
Nuclei
Nuclei
•added 4 days ago•78 views

WordPress Contact Form 7 <1.3.3.3 - Remote Code Execution

WordPress Contact Form 7 before 1.3.3.3 allows unrestricted file upload and remote code execution by setting supportedtype to php% and uploading a .php% file. id: CVE-2020-12800 info: name: WordPress Contact Form 7 1.3.3.3 - Remote Code Execution author: dwisiswant0 severity: critical description...

9.8CVSS7.4AI score0.78751EPSS
Exploits7References4
Nuclei
Nuclei
•added 4 days ago•59 views

WordPress Duplicator 1.3.24 & 1.3.26 - Local File Inclusion

WordPress Duplicator 1.3.24 & 1.3.26 are vulnerable to local file inclusion vulnerabilities that could allow attackers to download arbitrary files, such as the wp-config.php file. According to the vendor, the vulnerability was only in two versions v1.3.24 and v1.3.26, the vulnerability wasn't...

7.5CVSS7.1AI score0.97822EPSS
Exploits11References5
Nuclei
Nuclei
•added 4 days ago•112 views

Mida eFramework <=2.9.0 - Remote Command Execution

Mida eFramework through 2.9.0 allows an attacker to achieve remote code execution with administrative root privileges. No authentication is required. id: CVE-2020-15920 info: name: Mida eFramework =2.9.0 - Remote Command Execution author: dwisiswant0 severity: critical description: Mida eFramewor...

10CVSS7.4AI score0.98239EPSS
Exploits6References4
Nuclei
Nuclei
•added 4 days ago•66 views

UnRaid <=6.80 - Remote Code Execution

UnRaid =6.80 allows remote unauthenticated attackers to execute arbitrary code. id: CVE-2020-5847 info: name: UnRaid =6.80 - Remote Code Execution author: madrobot severity: critical description: UnRaid =6.80 allows remote unauthenticated attackers to execute arbitrary code. impact: |...

10CVSS7.2AI score0.95844EPSS
Exploits8References5
Nuclei
Nuclei
•added 4 days ago•79 views

Cisco Unified IP Conference Station 7937G - Denial-of-Service

Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to restart the device remotely via specially crafted packets that can cause a denial-of-service condition. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned...

7.8CVSS7AI score0.7977EPSS
Exploits5References5
Nuclei
Nuclei
•added 4 days ago•61 views

Cisco ASA/FTD Software - Cross-Site Scripting

Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software are vulnerable to cross-site scripting and could allow an unauthenticated, remote attacker to conduct attacks against a user of the web services interface of an affected device. The vulnerabilities are...

6.1CVSS7AI score0.85439EPSS
Exploits2
Nuclei
Nuclei
•added 4 days ago•59 views

Micro Focus UCMDB - Remote Code Execution

Micro Focus UCMDB is susceptible to remote code execution. Impacted products include Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions, and Operations Bridge containerized 2020.05, 2019.08, 2019.0...

10CVSS7.2AI score0.74232EPSS
Exploits3References5
Nuclei
Nuclei
•added 4 days ago•39 views

rConfig 3.9.4 - Cross-Site Scripting

The rConfig 3.9.4 is vulnerable to cross-site scripting. The devicemgmnt.php file improperly validates the request coming from the user input. Due to this flaw, An attacker can exploit this vulnerability by crafting arbitrary javascript in deviceId GET parameter of devicemgmnt.php resulting in...

5.4CVSS6.3AI score0.95752EPSS
Exploits1References5
Nuclei
Nuclei
•added 4 days ago•73 views

Ruby on Rails <5.0.1 - Remote Code Execution

Ruby on Rails before version 5.0.1 is susceptible to remote code execution because it passes user parameters as local variables into partials. id: CVE-2020-8163 info: name: Ruby on Rails 5.0.1 - Remote Code Execution author: timkoopmans severity: high description: Ruby on Rails before version 5.0...

8.8CVSS7.4AI score0.83085EPSS
Exploits10References4
Nuclei
Nuclei
•added 4 days ago•44 views

Yaws 1.91 - Local File Inclusion

Yaws 1.91 allows unauthenticated local file inclusion via /%5C../ submitted to port 8080. id: CVE-2017-10974 info: name: Yaws 1.91 - Local File Inclusion author: 0xAkoko severity: high description: Yaws 1.91 allows unauthenticated local file inclusion via /%5C../ submitted to port 8080. impact: |...

7.5CVSS7AI score0.81028EPSS
Exploits5References5
Nuclei
Nuclei
•added 4 days ago•214 views

D-Link - Remote Command Execution

A Remote Command Execution RCE vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file id: CVE-2021-45382 info: name: D-Link - Remote Command Execution author: king-alexander severity: critic...

10CVSS7.2AI score0.97836EPSS
Exploits1References5
Nuclei
Nuclei
•added 4 days ago•58 views

RealTek Jungle SDK - Arbitrary Command Injection

There is a command injection vulnerability on the "formWsc" page of the management interface. Successful exploitation of this vulnerability could lead to remote code execution and compromise of the affected system. id: CVE-2021-35395 info: name: RealTek Jungle SDK - Arbitrary Command Injection...

10CVSS7.5AI score0.97961EPSS
Exploits2References5
Nuclei
Nuclei
•added 4 days ago•17 views

XWiki REST API Query - SQL Injection

A SQL injection vulnerability exists in XWiki's REST API query endpoint. An unauthenticated attacker can execute arbitrary SQL queries through the 'q' parameter by manipulating the HQL query, potentially leading to data exfiltration or system compromise. id: CVE-2025-32969 info: name: XWiki REST...

9.8CVSS7.2AI score0.80716EPSS
Exploits1References2
Nuclei
Nuclei
•added 4 days ago•64 views

XStream <1.4.16 - Remote Code Execution

XStream before 1.4.16 is susceptible to remote code execution. An attacker can load and execute arbitrary code from a remote host via manipulating the processed input stream, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized administrative...

9.1CVSS7AI score0.82136EPSS
Exploits1References5
Nuclei
Nuclei
•added 4 days ago•172 views

EyesOfNetwork 5.1-5.3 - SQL Injection/Remote Code Execution

EyesOfNetwork 5.1 to 5.3 contains SQL injection and remote code execution vulnerabilities. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. See also CVE-2020-8655,...

9.8CVSS7.4AI score0.91874EPSS
Exploits13References5
Nuclei
Nuclei
•added 4 days ago•64 views

Apache OFBiz <=16.11.07 - Cross-Site Scripting

Apache OFBiz 16.11.01 to 16.11.07 is vulnerable to cross-site scripting because data sent with contentId to /control/stream is not sanitized. id: CVE-2020-1943 info: name: Apache OFBiz =16.11.07 - Cross-Site Scripting author: pdteam severity: medium description: Apache OFBiz 16.11.01 to 16.11.07 ...

6.1CVSS6.3AI score0.97309EPSS
Exploits0References5
Nuclei
Nuclei
•added 4 days ago•348 views

Apache Tomcat - Remote Code Execution

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled e.g. via setting the readonly initialisation parameter of the Default servlet to false it was possible to upload a JSP file to the server via a specially crafted...

8.1CVSS6.8AI score0.99988EPSS
Exploits23References5
Nuclei
Nuclei
•added 4 days ago•17 views

Apache Tika - XML External Entity Injection

Apache Tika tika-core 1.13-3.2.1, tika-pdf-module 2.0.0-3.2.1, and tika-parsers 1.13-1.28.5 contain an XML External Entity injection caused by processing crafted XFA files inside PDFs, letting attackers perform XXE attacks remotely, exploit requires crafted PDF input. id: CVE-2025-66516 info: nam...

9.8CVSS7AI score0.79807EPSS
Exploits5References2
Nuclei
Nuclei
•added 4 days ago•134 views

Adobe ColdFusion - Unrestricted File Upload Remote Code Execution

Adobe ColdFusion versions July 12 release 2018.0.0.310739, Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution. id: CVE-2018-15961 info: name: Adobe ColdFusion - Unrestricted File Upload...

10CVSS7.3AI score0.9995EPSS
Exploits11References5
Nuclei
Nuclei
•added 4 days ago•68 views

Roundcube Webmail - Command Injection

Roundcube Webmail before 1.4.4 contains a command injection caused by shell metacharacters in configuration settings for imconvertpath or imidentifypath, letting attackers execute arbitrary code, exploit requires attacker to control configuration settings. id: CVE-2020-12641 info: name: Roundcube...

9.8CVSS7.3AI score0.84456EPSS
Exploits1References5
Nuclei
Nuclei
•added 4 days ago•53 views

Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal

Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software are susceptible to directory traversal vulnerabilities that could allow an unauthenticated, remote attacker to obtain read and delete access to sensitive files on a targeted system. id: CVE-2020-3187...

9.1CVSS7.1AI score0.96595EPSS
Exploits4References5
Nuclei
Nuclei
•added 4 days ago•194 views

Ruckus Wireless Admin - Remote Code Execution

Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request. id: CVE-2023-25717 info: name: Ruckus Wireless Admin - Remote Code Execution author: parthmalhotra,pdresearch severity: critical description: | Ruckus Wireless Admin through 10.4 allows Remote...

9.8CVSS7.2AI score0.95326EPSS
Exploits1References3
Nuclei
Nuclei
•added 4 days ago•64 views

PaperCut < 22.1.3 - Path Traversal

PaperCut NG and PaperCut MF before 22.1.3 are vulnerable to path traversal which enables attackers to read, delete, and upload arbitrary files. id: CVE-2023-39143 info: name: PaperCut 22.1.3 - Path Traversal author: pdteam severity: critical description: PaperCut NG and PaperCut MF before 22.1.3...

9.8CVSS7.2AI score0.78696EPSS
Exploits1References5
Nuclei
Nuclei
•added 4 days ago•397 views

Jorani 1.0.0 - Remote Code Execution

Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server. id: CVE-2023-26469 info: name: Jorani 1.0.0 - Remote Code Execution author: pussycat0x severity: critical description: | Jorani 1.0.0, an attacker could leverage path traversal to access files...

9.8CVSS7.2AI score0.81918EPSS
Exploits5References5
Nuclei
Nuclei
•added 4 days ago•31 views

Beautiful Cookie Consent Banner < 2.10.2 - Cross-Site Scripting

The Beautiful Cookie Consent Banner for WordPress is vulnerable to Stored Cross-Site Scripting via the 'nscbarcontenthref' parameter in versions up to, and including, 2.10.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

7.2CVSS6.5AI score0.84461EPSS
Exploits0References4
Nuclei
Nuclei
•added 4 days ago•16 views

FreePBX >= 17.0.2.36 && < 17.0.3 - Authenticated Command Injection

FreePBX Endpoint Manager 17.0.2.36 to = 17.0.2.36 && 17.0.3 - Authenticated Command Injection author: th3y severity: critical description: | FreePBX Endpoint Manager 17.0.2.36 to 17.0.3 contains a command injection caused by improper sanitization in filestore module's testconnection checksshconne...

8.6CVSS7.1AI score0.84618EPSS
Exploits4References3
Nuclei
Nuclei
•added 4 days ago•253 views

XWiki Platform - Remote Code Execution

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Improper escaping in the document SkinsCode.XWikiSkinsSheet leads to an injection vector from view right on that document to programming rights, or in other words, it is possible to execute...

9.9CVSS7.5AI score0.91346EPSS
Exploits1References4
Nuclei
Nuclei
•added 4 days ago•357 views

Hikvision IP ping.php - Command Execution

A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.320201113RELEASEHIK. It has been declared as critical. This vulnerability affects unknown code of the file /php/ping.php. The manipulation of the argument jsondataip with the input netstat -ano leads to os command injection...

9.8CVSS6.5AI score0.89138EPSS
Exploits2References5
Nuclei
Nuclei
•added 4 days ago•135 views

NextGen Mirth Connect - Remote Code Execution

Mirth Connect, by NextGen HealthCare, is an open source data integration platform widely used by healthcare companies. Versions prior to 4.4.1 are vulnerable to an unauthenticated remote code execution vulnerability id: CVE-2023-37679 info: name: NextGen Mirth Connect - Remote Code Execution...

9.8CVSS7.5AI score0.96129EPSS
Exploits22References5
Nuclei
Nuclei
•added 4 days ago•50 views

ElasticSearch <1.6.1 - Local File Inclusion

ElasticSearch before 1.6.1 allows remote attackers to read arbitrary files via unspecified vectors related to snapshot API calls. id: CVE-2015-5531 info: name: ElasticSearch 1.6.1 - Local File Inclusion author: princechaddha severity: medium description: ElasticSearch before 1.6.1 allows remote...

5CVSS7.2AI score0.9175EPSS
Exploits7References5
Nuclei
Nuclei
•added 4 days ago•25 views

Joomla! JCE extension < 2.9.99.5 unauthenticated RCE

Joomla JCE editor extension contains an unrestricted file upload vulnerability caused by allowing unauthenticated users to create new editor profiles, letting attackers upload and execute PHP code remotely, exploit requires no authentication. id: CVE-2026-48907 info: name: Joomla! JCE extension...

10CVSS7.2AI score0.80425EPSS
Exploits19References4
Nuclei
Nuclei
•added 4 days ago•39 views

Langflow < 1.9.0 - Remote Code Execution

Langflow versions prior to 1.9.0 are vulnerable to unauthenticated remote code execution RCE via the buildpublictmp endpoint. Attackers can submit a manipulated flow JSON containing Python code that is executed during the build process without proper sandboxing. id: CVE-2026-33017 info: name:...

9.8CVSS7.5AI score0.98191EPSS
Exploits20References3
Total number of security vulnerabilities4143