Lucene search
K
NucleiRecent

4143 matches found

Nuclei
Nuclei
added 2026/02/04 7:0 a.m.14 views

Oracle E-Business Suite 12.2.3–12.2.14 – Remote Code Execution

Oracle Concurrent Processing 12.2.3-12.2.14 contains a remote code execution caused by unauthenticated network access via HTTP, letting unauthenticated attackers fully compromise the system, exploit requires network access via HTTP. id: CVE-2025-61882 info: name: Oracle E-Business Suite...

9.8CVSS8.5AI score0.99722EPSS
Exploits15References6
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.11 views

Dify - User Enumeration via "Account not found" Message

A user enumeration vulnerability exists in langgenius/dify, where the login API leaks information about whether a user account exists or not. When an invalid/non-existent email is used during login, the API returns a distinct error message such as "accountnotfound" or "Account not found.", allowi...

5.3CVSS4.5AI score0.00722EPSS
Exploits1References4
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.8 views

Open Redirect via Organization Switching

An open redirect vulnerability has been identified in Grafana OSS organization switching functionality. Prerequisites for exploitation Multiple organizations must exist in the Grafana instance - Victim must be on a different organization than the one specified in the URL id: CVE-2025-6197 info:...

7.6CVSS7.5AI score0.37565EPSS
Exploits0References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.23 views

Adobe Commerce - Authentication Bypass

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high...

9.1CVSS6.9AI score0.96742EPSS
Exploits9References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.21 views

WSO2 Management Console - Authentication Bypass

An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure. The known...

5.3CVSS6.5AI score0.00811EPSS
Exploits0References3
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.8 views

Securden Unified PAM - Authentication Bypass

An authentication bypass vulnerability exists which allows an unauthenticated attacker to control administrator backup functions, leading to compromise of passwords, secrets, and application session tokens stored by the Unified PAM. id: CVE-2025-53118 info: name: Securden Unified PAM -...

9.8CVSS7.1AI score0.29365EPSS
Exploits0References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.8 views

Adobe Experience Manager Forms - Insecure Deserialization

Adobe Experience Manager versions 6.5.23 and earlier are affected by a Misconfiguration vulnerability that could result in arbitrary code execution. An attacker could leverage this vulnerability to bypass security mechanisms and execute code. Exploitation of this issue does not require user...

9.8CVSS6.1AI score0.44894EPSS
Exploits0References1
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.140 views

UNA CMS <= 14.0.0-RC4 - PHP Object Injection

The vulnerability is located in the /template/scripts/BxBaseMenuSetAclLevel.php script. Specifically, within the BxBaseMenuSetAclLevel::getCode method. When calling this method, user input passed through the "profileid" POST parameter is not properly sanitized before being used in a call to the...

7.2AI score
Exploits1References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.9 views

WeiPHP 5.0 - Path Traversal

WeiPHP 5.0 contains a path traversal caused by insufficient input validation of the picUrl parameter in /public/index.php/material/Material/downloadimgage, letting unauthenticated remote attackers read arbitrary files. id: CVE-2025-34045 info: name: WeiPHP 5.0 - Path Traversal author: pikpikcu...

8.7CVSS6.9AI score0.04311EPSS
Exploits1References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.12 views

Fanwei e-cology - SQL Injection

Fanwei e-cology 8.0 contains a sql injection caused by unsanitized user input in the sql parameter of getdata.jsp, letting unauthenticated attackers execute arbitrary SQL queries and access sensitive data. id: CVE-2025-34038 info: name: Fanwei e-cology - SQL Injection author: ritikchaddha severit...

8.7CVSS8.3AI score0.01837EPSS
Exploits1References1
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.12 views

Microweber CMS2.0 - Cross-Site Scripting

Reflected Cross-Site Scripting XSS in the id parameter of the liveedit.modulesettings API endpoint in Microweber CMS2.0 allows execution of arbitrary JavaScript. id: CVE-2025-51501 info: name: Microweber CMS2.0 - Cross-Site Scripting author: nukunga severity: medium description: | Reflected...

6.1CVSS6AI score0.00776EPSS
Exploits1References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.18 views

GoAnywhere - Authentication Bypass

Fortra GoAnywhere MFT contains an insecure deserialization vulnerability in the License Servlet caused by deserializing attacker-controlled objects with a valid forged license response signature, letting attackers perform command injection, exploit requires valid forged license signature. id:...

10CVSS7.4AI score0.99614EPSS
Exploits3References3
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.15 views

TRUfusion Enterprise <= 7.10.4.0 - Authentication Bypass

Hard-Coded Cryptographic key allowing to forge session cookies that can be used to entirely bypass authentication id: CVE-2025-27223 info: name: TRUfusion Enterprise = 7.10.4.0 - Authentication Bypass author: DhiyaneshDK,rcesecurity severity: critical description: | Hard-Coded Cryptographic key...

7.5CVSS6.7AI score0.02102EPSS
Exploits1References3
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.8 views

DAEnetIP4 METO v1.25 - Session Hijacking

DAEnetIP4 METO v1.25 contains improper session management in the /loginok.htm endpoint, letting attackers hijack sessions, exploit requires attacker to control or intercept session tokens. id: CVE-2025-28242 info: name: DAEnetIP4 METO v1.25 - Session Hijacking author: 0xAkoko severity: high...

9.8CVSS5.9AI score0.01784EPSS
Exploits0References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.30 views

Advanced Custom Fields Extended < 0.9.2 - Remote Code Execution

Advanced Custom Fields: Extended WordPress plugin 0.9.0.5 through 0.9.1.1 contains a remote code execution caused by unsafe use of calluserfuncarray in prepareform function, letting unauthenticated attackers execute arbitrary code remotely. id: CVE-2025-13486 info: name: Advanced Custom Fields...

9.8CVSS8.7AI score0.73557EPSS
Exploits10References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.13 views

ESPHome - Authentication Bypass

ESPHome 2025.8.0 contains an authentication bypass caused by improper validation of base64-encoded Authorization values in the webserver component, letting attackers access functionality without valid credentials, exploit requires crafted Authorization header. id: CVE-2025-57808 info: name: ESPHo...

8.1CVSS5.2AI score0.01514EPSS
Exploits1References3
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.17 views

Traccar(Windows) 6.1- 6.8.1 - Local File Inclusion

Traccar 5.8-6.0 non-default installs with web.override set and 6.1-6.8.1 default installs contain a local file inclusion vulnerability caused by enabled web override configuration, letting unauthenticated attackers leak arbitrary files including passwords, exploit requires local access. id:...

8.7CVSS8.7AI score0.01196EPSS
Exploits0References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.15 views

Astro - Reflected XSS via server islands feature

Astro 5.15.8 contains a reflected XSS caused by improper handling of server islands feature, letting remote attackers execute scripts, exploit requires use of server islands in the application. id: CVE-2025-64764 info: name: Astro - Reflected XSS via server islands feature author: DhiyaneshDk,zhe...

7.1CVSS5.3AI score0.00456EPSS
Exploits1References1
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.10 views

XWiki XML View - Sensitive Information Exposure

A vulnerability in XWiki's XML view functionality exposes sensitive information such as passwords and email addresses that are stored in custom fields not explicitly named as password or email. This information disclosure occurs when accessing user profiles with the xml.vm template. id:...

8.7CVSS6.2AI score0.01285EPSS
Exploits0References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.15 views

Jenkins Sidepanel - Unauthorized Agent/Queue Exposure

Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not perform a permission check in the sidepanel of a page intentionally accessible to users lacking Overall/Read permission, allowing attackers without Overall/Read permission to list agent names through its sidepanel executors widget. id:...

5.3CVSS7.2AI score0.04735EPSS
Exploits0References3
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.15 views

Unauthenticated Arbitrary Plugin Upload in Alone Theme

The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the aloneimportpackinstallplugin function in all versions up to, and including, 7.8.3. id: CVE-2025-5394 info: name: Unauthenticated Arbitra...

9.8CVSS6.2AI score0.47529EPSS
Exploits3References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.21 views

Gladinet CentreStack & Triofox - Hardcoded Credentials

Gladinet CentreStack and Triofox 16.12.10420.56791 contain a hardcoded credentials vulnerability caused by use of hardcoded AES cryptoscheme values, letting attackers perform arbitrary local file inclusion without authentication, potentially leading to full system compromise. id: CVE-2025-14611...

9.8CVSS6.8AI score0.50949EPSS
Exploits3References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.7 views

YesWiki <= 4.5.1 - Cross-Site Scripting

YesWiki alertdocument.domain","YesWiki"' - 'statuscode == 200' - 'containscontenttype, "text/html"' condition: and digest: 4a0a0047304502200362ca1190c63e21f2923bf08de7cb7da7b574446b257e6007dfd76d97c7ed0b02210097168371a37ae69e386417974c7fa650ac4099a59a65f245bd361ac61d391a41:922c64590222798b...

6.1CVSS5AI score0.00498EPSS
Exploits1References1
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.43 views

AfterLogic Aurora and WebMail Pro < 7.7.9 - Full Path Disclosure

AfterLogic Aurora and WebMail Pro products with 7.7.9 and all lower versions are affected by this vulnerability, simply sending an HTTP DELETE request to WebDAV EndPoint with built-in “caldavpublicuser@localhost” and it’s the predefined password “caldavpublicuser” allows the attacker to obtain we...

7.1AI score
Exploits1References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.22 views

AC Smart II - Authentication Bypass

AC Smart II contains an authentication bypass caused by a hidden password reset form that can be manipulated to change the administrator password without verifying login or permissions, letting attackers change admin passwords without authorization. id: CVE-2025-10204 info: name: AC Smart II -...

7.1CVSS7.1AI score0.00451EPSS
Exploits0References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.12 views

Microweber CMS 2.0 - Reflected XSS in Admin Page Creation

Reflected Cross-Site Scripting XSS exists in Microweber CMS 2.0 through the layout parameter on the /admin/page/create page. It allows arbitrary JavaScript to execute in the context of authenticated admin users. id: CVE-2025-51502 info: name: Microweber CMS 2.0 - Reflected XSS in Admin Page...

6.1CVSS5.9AI score0.00765EPSS
Exploits1References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.11 views

Parse Server - GraphQL Schema Information Disclosure

The Parse Server GraphQL API previously allowed public access to the GraphQL schema without requiring a session token or the master key. While schema introspection reveals only metadata and not actual data, this metadata can still expand the potential attack surface. id: CVE-2025-53364 info: name...

5.3CVSS6.5AI score0.00814EPSS
Exploits0References3
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.16 views

Featured Image from URL (FIFU) <= 5.2.7 - Unauthenticated Information Exposure via Log File

The Featured Image from URL FIFU plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.2.7 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the...

5.3CVSS5.6AI score0.1107EPSS
Exploits0
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.12 views

SmarterMail - Unrestricted File Upload

Mail server contains an unrestricted file upload vulnerability allowing unauthenticated attackers to upload arbitrary files to any location, potentially enabling remote code execution. id: CVE-2025-52691 info: name: SmarterMail - Unrestricted File Upload author: DhiyaneshDK,watchTowr severity:...

10CVSS6.4AI score0.85457EPSS
Exploits15References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.12 views

WeGIA - Directory Traversal

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a path traversal vulnerability was discovered in the WeGIA application, html/socio/sistema/downloadremessa.php endpoint. This vulnerability could allow an attacker to...

10CVSS6AI score0.01552EPSS
Exploits1References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.13 views

HPE OneView - Remote Code Execution

HPE OneView contains a remote code execution vulnerability, letting remote attackers execute arbitrary code. id: CVE-2025-37164 info: name: HPE OneView - Remote Code Execution author: DhiyaneshDk,garciaizcoa severity: critical description: | HPE OneView contains a remote code execution...

10CVSS7AI score0.89733EPSS
Exploits8References1
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.14 views

Agent-Zero 0.8.0 - 0.9.4 - Arbitrary File Download

Agent-Zero v0.8.0 - 0.9.4 contains a path traversal caused by improper validation in /api/downloadworkdirfile.py, letting attackers access unauthorized files, exploit requires crafted request. id: CVE-2025-55523 info: name: Agent-Zero 0.8.0 - 0.9.4 - Arbitrary File Download author: 0xAkoko...

3.5CVSS4.7AI score0.00979EPSS
Exploits1References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.12 views

Atarim < 4.2.2 - Sensitive Information Exposure

Vito Peleg Atarim = 4.2 contains an insertion of sensitive information into sent data vulnerability caused by improper handling of embedded sensitive data, letting attackers retrieve embedded sensitive data remotely, exploit requires no special privileges. id: CVE-2025-60188 info: name: Atarim...

7.5CVSS5.2AI score0.02882EPSS
Exploits2References1
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.8 views

Avigilon ACM - Host Header Injection

A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted URL. id: CVE-2025-56266 info: name: Avigilon ACM - Host Header Injection author: DhiyaneshDK severity: medium description: | A Host Header Injection vulnerability in...

9.8CVSS7.8AI score0.02695EPSS
Exploits1References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.22 views

Zimbra Collaboration - Local File Inclusion

Zimbra Collaboration ZCS 10.0 and 10.1 contain a local file inclusion caused by improper handling of user-supplied parameters in the RestFilter servlet, letting unauthenticated remote attackers include arbitrary files from WebRoot, exploit requires crafted requests to /h/rest endpoint. id:...

8.8CVSS5.8AI score0.31769EPSS
Exploits5References3
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.15 views

Commvault Unauthenticated Password Disclosure (WT-2025-0047)

An issue was discovered in Commvault before 11.36.60. A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk. id: CVE-2025-57788 info: name: Commvault...

6.9CVSS7.3AI score0.02721EPSS
Exploits4References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.7 views

PowerJob List - Authorization Bypass

PowerJob = 5.1.2 contains a broken access control caused by missing authorization in /user/list function, letting remote attackers access unauthorized resources, exploit requires no special privileges. id: CVE-2025-11580 info: name: PowerJob List - Authorization Bypass author: DhiyaneshDk severit...

6.9CVSS5.5AI score0.01013EPSS
Exploits0References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.81 views

The Events Calendar <= 6.15.2 - Information Disclosure

The Events Calendar WordPress plugin = 6.15.2 contains an information disclosure vulnerability caused by REST endpoint exposure, letting unauthenticated attackers extract data about password-protected vendors or venues, exploit requires no authentication. id: CVE-2025-9808 info: name: The Events...

5.3CVSS6.2AI score0.00771EPSS
Exploits0References5
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.18 views

Commvault Initial Administrator Login Process Vulnerability

An issue was discovered in Commvault before 11.36.60.During the brief window between installation and the first administrator login, remote attackers may exploit the default credential to gain admin control. This is limited to the setup phase, before any jobs have been configured. id:...

5.4CVSS7.3AI score0.01104EPSS
Exploits0References3
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.13 views

Vite - Information Disclosure

Vite is a frontend tooling framework for JavaScript.In versions from 2.9.18 to before 3.0.0, 3.2.9 to before 4.0.0, 4.5.3 to before 5.0.0, 5.2.6 to before 5.4.21, 6.0.0 to before 6.4.1, 7.0.0 to before 7.0.8, and 7.1.0 to before 7.1.11, files denied by server.fs.deny were sent if the URL ended wi...

6CVSS7.2AI score0.01031EPSS
Exploits0References1
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.30 views

Astro - Broken Access Control

Astro 2.16.0 to 5.15.5 contains a broken access control caused by insecure use of unsanitized x-forwarded-proto and x-forwarded-port headers in URL building, letting attackers bypass middleware protection, cause DoS, SSRF, and URL pollution, exploit requires crafted headers. id: CVE-2025-64525...

6.5CVSS5.3AI score0.01189EPSS
Exploits1References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.34 views

Hoverfly <= 1.11.3 - Remote Code Execution

Hoverfly versions 1.11.3 and below are vulnerable to remote code execution RCE via command injection in the middleware API endpoint /api/v2/hoverfly/middleware. Insufficient validation of the 'binary' and 'script' parameters allows an unauthenticated attacker to execute arbitrary commands on the...

9.8CVSS9AI score0.10543EPSS
Exploits7References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.20 views

Twonky Server 8.5.2 on Linux and Windows - Log File Exposure

Twonky Server 8.5.2 contains a broken access control vulnerability caused by bypassing web service API authentication, letting unauthenticated attackers read log files with administrator credentials, exploit requires no authentication id: CVE-2025-13315 info: name: Twonky Server 8.5.2 on Linux an...

9.8CVSS6.8AI score0.32548EPSS
Exploits3References1
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.11 views

Eveo URVE Web Manager - Server-Side Request Forgery

Eveo URVE Web Manager 27.02.2025 contains a server-side request forgery caused by improper validation of URL input in /internal/redirect.php, letting attackers make requests to internal endpoints, exploit requires crafted URL input. id: CVE-2025-36845 info: name: Eveo URVE Web Manager - Server-Si...

8.6CVSS5.4AI score0.0158EPSS
Exploits1References2
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.14 views

Omnissa Workspace ONE UEM - Path Traversal

Omnissa Workspace ONE UEM contains a path traversal caused by crafted GET requests to restricted API endpoints, letting malicious actors access sensitive information, exploit requires sending crafted requests. id: CVE-2025-25231 info: name: Omnissa Workspace ONE UEM - Path Traversal author:...

7.5CVSS6.5AI score0.20348EPSS
Exploits1References3
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.11 views

XWiki REST API - Private Pages Disclosure

A vulnerability in XWiki's REST API allows unauthenticated users to access information about private pages through the pages endpoint. This could lead to disclosure of sensitive information and page metadata. id: CVE-2025-29925 info: name: XWiki REST API - Private Pages Disclosure author:...

8.7CVSS6.2AI score0.00906EPSS
Exploits1
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.31 views

DNN - Unrestricted Arbitrary File Upload

DNN formerly DotNetNuke \u003C 10.1.1 contains an unrestricted file upload vulnerability caused by the default HTML editor provider allowing unauthenticated file uploads and overwriting existing files, letting unauthenticated attackers deface websites and inject XSS payloads, exploit requires no...

10CVSS6.2AI score0.44656EPSS
Exploits3References1
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.86 views

SpringBlade - Information Leakage

SpringBlade is a comprehensive project upgraded and optimized from a commercial-grade project, featuring both a SpringCloud distributed microservice architecture and a SpringBoot monolithic microservice architecture. The SpringBlade framework has a default SIGNKEY, which can be exploited by...

6.7AI score
Exploits0References1
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.146 views

IBM WebSphere HCL Digital Experience - Server-Side Request Forgery

IBM WebSphere HCL Digital Experience is vulnerable to server-side request forgery that impacts on-premise deployments and containers. id: CVE-2021-27748 info: name: IBM WebSphere HCL Digital Experience - Server-Side Request Forgery author: pdteam severity: high description: | IBM WebSphere HCL...

5.6AI score
Exploits0References3
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.166 views

Ntopng Authentication Bypass

Ntopng, a passive network monitoring tool, contains an authentication bypass vulnerability in ntopng = 4.2 id: CVE-2021-28073 info: name: Ntopng Authentication Bypass author: z3bd severity: critical description: Ntopng, a passive network monitoring tool, contains an authentication bypass...

9.8CVSS9.2AI score0.14195EPSS
Exploits1References3
Total number of security vulnerabilities4143