Nuclei templates used in Network Vulnerability Scanner (part 2)

Written by Engineering Team
Updated 9 months ago

This is the second part of the network-related Nuclei templates used in our Network Vulnerability Scanner.

Name Template
WordPress Contact Form 7 <1.3.3.3 - Remote Code Execution (CVE-2020-12800) cve/CVE-2020-12800.yaml
WordPress Photo Gallery by 10Web <1.5.69 - Cross-Site Scripting (CVE-2021-24291) cve/CVE-2021-24291.yaml
DomainMOD 4.11.01 - Cross-Site Scripting (CVE-2018-19752) cve/CVE-2018-19752.yaml
WordPress Select All Categories and Taxonomies <1.3.2 - Cross-Site Scripting cve/CVE-2021-24287.yaml
vBulletin SQL Injection (CVE-2020-12720) cve/CVE-2020-12720.yaml
Open edX <2022-06-06 - Cross-Site Scripting (CVE-2022-32195) cve/CVE-2022-32195.yaml
PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE) (CVE-2023-0297) cve/CVE-2023-0297.yaml
Apache Druid Kafka Connect - Remote Code Execution (CVE-2023-25194) cve/apache-druid-kafka-connect-rce.yaml
WSO2 Carbon Management Console <=5.10 - Cross-Site Scripting (CVE-2020-17453) cve/CVE-2020-17453.yaml
Apache Airflow OS Command Injection (CVE-2022-24288) cve/CVE-2022-24288.yaml
WordPress Ninja Forms <3.4.34 - Open Redirect (CVE-2021-24165) cve/CVE-2021-24165.yaml
OpenCATS 0.9.6 - Cross-Site Scripting (CVE-2022-43014) cve/CVE-2022-43014.yaml
Joomla! Component Photo Battle 1.0.1 - Local File Inclusion (CVE-2010-1461) cve/CVE-2010-1461.yaml
WordPress RobotCPA 5 - Directory Traversal (CVE-2015-9480) cve/CVE-2015-9480.yaml
Microweber <1.2.12 - Stored Cross-Site Scripting (CVE-2022-0963) cve/CVE-2022-0963.yaml
Alerta < 8.1.0 - Authentication Bypass (CVE-2020-26214) cve/CVE-2020-26214.yaml
Bank Locker Management System v1.0 - SQL Injection (CVE-2023-0562) cve/CVE-2023-0562.yaml
Doctor Appointment System 1.0 - SQL Injection (CVE-2021-27316) cve/CVE-2021-27316.yaml
Cuppa CMS v1.0 - SQL injection (CVE-2022-27985) cve/CVE-2022-27985.yaml
Joomla! Component TweetLA 1.0.1 - Local File Inclusion (CVE-2010-1533) cve/CVE-2010-1533.yaml
rConfig <3.9.4 - Sensitive Information Disclosure (CVE-2020-9425) cve/CVE-2020-9425.yaml
Spring Boot - Remote Code Execution (Apache Log4j) (CVE-2021-44228) cve/springboot-log4j-rce.yaml
Microweber <1.2.15 - Cross-Site Scripting (CVE-2022-1439) cve/CVE-2022-1439.yaml
WordPress MDC YouTube Downloader 2.1.0 - Local File Inclusion (CVE-2015-5469) cve/CVE-2015-5469.yaml
Joomla! Component JotLoader 2.2.1 - Local File Inclusion (CVE-2010-4617) cve/CVE-2010-4617.yaml
Tiki Wiki CMS Groupware 7.0 Cross-Site Scripting (CVE-2011-4336) cve/CVE-2011-4336.yaml
Steveas WP Live Chat Shoutbox <= 1.4.2 - SQL Injection (CVE-2023-1020) cve/CVE-2023-1020.yaml
WordPress Plugin Flexible Custom Post Type < 0.1.7 - Cross-Site Scripting cve/CVE-2011-5106.yaml
VMware vSphere Client (HTML5) - Remote Code Execution (CVE-2021-21972) cve/CVE-2021-21972.yaml
Spring Cloud Config Server - Local File Inclusion (CVE-2020-5410) cve/CVE-2020-5410.yaml
Joomla! Component Jfeedback 1.2 - Local File Inclusion (CVE-2010-1478) cve/CVE-2010-1478.yaml
FineCMS <=5.0.10 - Cross-Site Scripting (CVE-2017-11629) cve/CVE-2017-11629.yaml
Rukovoditel <= 2.7.2 - Cross Site Scripting (CVE-2020-35986) cve/CVE-2020-35986.yaml
Joomla! Portfolio Nexus - Remote File Inclusion (CVE-2009-4679) cve/CVE-2009-4679.yaml
MindPalette NateMail 3.0.15 - Cross-Site Scripting (CVE-2019-13392) cve/CVE-2019-13392.yaml
Nette Framework - Remote Code Execution (CVE-2020-15227) cve/CVE-2020-15227.yaml
Cisco IOS HTTP Configuration - Authentication Bypass (CVE-2001-0537) cve/CVE-2001-0537.yaml
SAP BusinessObjects Business Intelligence Platform - Blind Server-Side Request cve/CVE-2020-6308.yaml
PrestaShop 1.7.7.0 - SQL Injection (CVE-2021-3110) cve/CVE-2021-3110.yaml
Xiaomi Mi WiFi R3G Routers - Local file Inclusion (CVE-2019-18371) cve/CVE-2019-18371.yaml
AppCMS - Cross-Site Scripting (CVE-2021-45380) cve/CVE-2021-45380.yaml
WordPress Country Selector <1.6.6 - Cross-Site Scripting (CVE-2022-28290) cve/CVE-2022-28290.yaml
Hue Magic 3.0.0 - Local File Inclusion (CVE-2021-25864) cve/CVE-2021-25864.yaml
Apache Druid - Local File Inclusion (CVE-2021-36749) cve/CVE-2021-36749.yaml
Eaton Intelligent Power Manager 1.6 - Directory Traversal (CVE-2018-12031) cve/CVE-2018-12031.yaml
Grafana 3.0.1-7.0.1 - Server-Side Request Forgery (CVE-2020-13379) cve/CVE-2020-13379.yaml
Magento Mass Importer <0.7.24 - Remote Auth Bypass (CVE-2020-5777) cve/CVE-2020-5777.yaml
Cisco RV132W/RV134W Router - Information Disclosure (CVE-2018-0127) cve/CVE-2018-0127.yaml
Oracle WebLogic Server - Remote Code Execution (CVE-2018-2894) cve/CVE-2018-2894.yaml
XStream <1.4.18 - Server-Side Request Forgery (CVE-2021-39152) cve/CVE-2021-39152.yaml
Alert Before Your Post <= 0.1.1 - Cross-Site Scripting (CVE-2011-5107) cve/CVE-2011-5107.yaml
Jira <8.4.0 - Information Disclosure (CVE-2019-8449) cve/CVE-2019-8449.yaml
Seo Panel 4.8.0 - Cross-Site Scripting (CVE-2021-3002) cve/CVE-2021-3002.yaml
WordPress Daily Prayer Time <2022.03.01 - SQL Injection (CVE-2022-0785) cve/CVE-2022-0785.yaml
kkFileView 4.1.0 - Cross-Site Scripting (CVE-2022-35151) cve/CVE-2022-35151.yaml
Joomla! Component Ultimate Portfolio 1.0 - Local File Inclusion (CVE-2010-1659) cve/CVE-2010-1659.yaml
Kramer VIAware - Remote Code Execution (CVE-2021-36356) cve/CVE-2021-36356.yaml
Spotweb <= 1.5.1 - Cross Site Scripting (CVE-2021-40971) cve/CVE-2021-40971.yaml
KubeView <=0.1.31 - Information Disclosure (CVE-2022-45933) cve/CVE-2022-45933.yaml
WBCE CMS v1.5.4 - Remote Code Execution (CVE-2022-46020) cve/CVE-2022-46020.yaml
Oturia WordPress Smart Google Code Inserter <3.5 - Authentication Bypass (CVE-2018-3810) cve/CVE-2018-3810.yaml
Cacti - Cross-Site Scripting (CVE-2021-26247) cve/CVE-2021-26247.yaml
MAGMI - Cross-Site Request Forgery (CVE-2020-5776) cve/CVE-2020-5776.yaml
WordPress WooCommerce <3.1.2 - Arbitrary Function Call (CVE-2022-1020) cve/CVE-2022-1020.yaml
Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution (CVE-2020-11853) cve/CVE-2020-11853.yaml
SAP NetWeaver Application Server Java 7.5 - Local File Inclusion (CVE-2017-12637) cve/CVE-2017-12637.yaml
WordPress Sniplets 1.1.2 - Local File Inclusion (CVE-2008-1059) cve/CVE-2008-1059.yaml
Zoho ManageEngine ServiceDesk Plus - Remote Code Execution (CVE-2021-44077) cve/CVE-2021-44077.yaml
Ghost CMS <=4.32 - Cross-Site Scripting (CVE-2021-29484) cve/CVE-2021-29484.yaml
74cms - ajax_common.php SQL Injection (CVE-2020-22210) cve/CVE-2020-22209.yaml
IBAX - SQL Injection (CVE-2022-3800) cve/CVE-2022-3800.yaml
rConfig 3.9.4 - SQL Injection (CVE-2020-10547) cve/CVE-2020-10547.yaml
D-Link DIR-816L 2.x - Cross-Site Scripting (CVE-2020-15895) cve/CVE-2020-15895.yaml
WordPress Contact Form 7 - Unrestricted File Upload (CVE-2020-35489) cve/CVE-2020-35489.yaml
HD-Network Realtime Monitoring System 2.0 - Local File Inclusion (CVE-2021-45043) cve/CVE-2021-45043.yaml
Express-handlebars - Local File Inclusion (CVE-2021-32820) cve/CVE-2021-32820.yaml
CRM Perks Forms < 1.1.1 - Cross Site Scripting (CVE-2022-38467) cve/CVE-2022-38467.yaml
cPanel - Cross-Site Scripting (CVE-2023-29489) cve/CVE-2023-29489.yaml
LiveZilla Server 8.0.1.0 - Cross-Site Scripting (CVE-2019-12962) cve/CVE-2019-12962.yaml
Joomla! Component com_jvideodirect - Directory Traversal (CVE-2010-0942) cve/CVE-2010-0942.yaml
Triconsole Datepicker Calendar <3.77 - Cross-Site Scripting (CVE-2021-27330) cve/CVE-2021-27330.yaml
Apache ShenYu Admin JWT - Authentication Bypass (CVE-2021-37580) cve/CVE-2021-37580.yaml
H3C SSL VPN <=2022-07-10 - Cross-Site Scripting (CVE-2022-35416) cve/CVE-2022-35416.yaml
WordPress Core <4.7.1 - Username Enumeration (CVE-2017-5487) cve/CVE-2017-5487.yaml
Apache Cocoon 2.1.12 - XML Injection (CVE-2020-11991) cve/CVE-2020-11991.yaml
Securepoint UTM - Leaking Remote Memory Contents (CVE-2023-22897) cve/CVE-2023-22897.yaml
Hotel Druid 3.0.2 - Cross-Site Scripting (CVE-2021-37833) cve/CVE-2021-37833.yaml
Unyson < 2.7.27 - Cross Site Scripting (CVE-2022-2219) cve/CVE-2022-2219.yaml
Podcast Channels < 0.28 - Cross-Site Scripting (CVE-2014-4544) cve/CVE-2014-4544.yaml
WordPress WPQA <5.4 - Cross-Site Scripting (CVE-2022-1597) cve/CVE-2022-1597.yaml
Joomla! Component Horoscope 1.5.0 - Local File Inclusion (CVE-2010-1472) cve/CVE-2010-1472.yaml
Ghost CMS < 5.42.1 - Path Traversal (CVE-2023-32235) cve/CVE-2023-32235.yaml
Car Rental Management System 1.0 - Local File Inclusion (CVE-2020-29227) cve/CVE-2020-29227.yaml
WordPress Best Books <=2.6.3 - SQL Injection (CVE-2022-0827) cve/CVE-2022-0827.yaml
WordPress Duplicator 1.3.24 & 1.3.26 - Local File Inclusion (CVE-2020-11738) cve/CVE-2020-11738.yaml
phpfastcache - phpinfo Resource Exposure (CVE-2021-37704) cve/CVE-2021-37704.yaml
FUEL CMS 1.4.1 - Remote Code Execution (CVE-2018-16763) cve/CVE-2018-16763.yaml
Drupal - Remote Code Execution (CVE-2018-7602) cve/CVE-2018-7602.yaml
D-Link - Unauthenticated Remote Code Execution (CVE-2018-6530) cve/CVE-2018-6530.yaml
Jiangnan Online Judge 0.8.0 - Local File Inclusion (CVE-2019-17538) cve/CVE-2019-17538.yaml
Microweber <1.2.11 - Stored Cross-Site Scripting (CVE-2022-0954) cve/CVE-2022-0954.yaml
VMware VRealize Network Insight - Remote Code Execution (CVE-2023-20887) cve/CVE-2023-20887.yaml
Artica Web Proxy 4.30 - Authentication Bypass/SQL Injection (CVE-2020-17506) cve/CVE-2020-17506.yaml
Citrix SD-WAN Center - Remote Command Injection (CVE-2019-12988) cve/CVE-2019-12988.yaml
Nova Lite < 1.3.9 - Cross-Site Scripting (CVE-2020-17362) cve/CVE-2020-17362.yaml
Telaen => v1.3.1 - Open Redirect (CVE-2013-2621) cve/CVE-2013-2621.yaml
Joomla! Component J!WHMCS Integrator 1.5.0 - Local File Inclusion (CVE-2010-1977) cve/CVE-2010-1977.yaml
Ellucian Ethos Identity CAS - Cross-Site Scripting (CVE-2023-2822) cve/CVE-2023-2822.yaml
Spring - Remote Code Execution (CVE-2022-22965) cve/CVE-2022-22965.yaml
Thinfinity VirtualUI User Enumeration (CVE-2021-44848) cve/CVE-2021-44848.yaml
WordPress Contact Form 7 <1.3.6.3 - Stored Cross-Site Scripting (CVE-2022-0595) cve/CVE-2022-0595.yaml
WordPress Panda Pods Repeater Field <1.5.4 - Cross-Site Scripting (CVE-2022-4306) cve/CVE-2022-4306.yaml
NETGEAR ProSAFE Plus - Unauthenticated Remote Code Execution (CVE-2020-26919) cve/CVE-2020-26919.yaml
Deltek Maconomy 2.2.5 - Local File Inclusion (CVE-2019-12314) cve/CVE-2019-12314.yaml
Unauthenticated File Read Adobe ColdFusion (CVE-2023-26360) cve/CVE-2023-26360.yaml
WordPress Supsystic Ultimate Maps <1.2.5 - Cross-Site Scripting (CVE-2021-24274) cve/CVE-2021-24274.yaml
Traggo Server - Local File Inclusion (CVE-2023-34843) cve/CVE-2023-34843.yaml
Rukovoditel <= 3.2.1 - Cross Site Scripting (CVE-2022-44951) cve/CVE-2022-44951.yaml
WordPress XML Sitemap Generator for Google <2.0.4 - Cross-Site Scripting/Remote cve/CVE-2022-0346.yaml
Ghostcat - Apache Tomcat - AJP File Read/Inclusion Vulnerability (CVE-2020-1938) cve/CVE-2020-1938.yaml
GitLab GraphQL API User Enumeration (CVE-2021-4191) cve/CVE-2021-4191.yaml
JeecgBoot 3.5.0 - SQL Injection (CVE-2023-34659) cve/CVE-2023-34659.yaml
Atlassian Bitbucket - Remote Command Injection (CVE-2022-36804) cve/CVE-2022-36804.yaml
Node.js Embedded JavaScript 3.1.6 - Template Injection (CVE-2022-29078) cve/CVE-2022-29078.yaml
Odoo - Cross-Site Scripting (CVE-2023-1434) cve/CVE-2023-1434.yaml
ARMember < 3.4.8 - Unauthenticated Admin Account Takeover (CVE-2022-1903) cve/CVE-2022-1903.yaml
Wavlink WN535K2/WN535K3 - OS Command Injection (CVE-2022-2487) cve/CVE-2022-2487.yaml
WordPress Google Maps <7.11.18 - SQL Injection (CVE-2019-10692) cve/CVE-2019-10692.yaml
WBCE CMS v1.5.4 - Cross Site Scripting (Stored) (CVE-2022-45038) cve/CVE-2022-45038.yaml
Sonatype Nexus Repository Manager 3 - Remote Code Execution (CVE-2020-10199) cve/CVE-2020-10199.yaml
WordPress Asgaros Forum <1.15.13 - SQL Injection (CVE-2021-24827) cve/CVE-2021-24827.yaml
WordPress Qards - Cross-Site Scripting (CVE-2017-18598) cve/CVE-2017-18598.yaml
Jeesns 1.4.2 - Cross-Site Scripting (CVE-2020-19283) cve/CVE-2020-19283.yaml
OpenSIS 7.3 - SQL Injection (CVE-2020-6637) cve/CVE-2020-6637.yaml
Online Fire Reporting System v1.0 - SQL injection (CVE-2022-31983) cve/CVE-2022-31983.yaml
LDAP Injection In OpenAM (CVE-2021-29156) cve/CVE-2021-29156.yaml
Apache Flink 1.5.1 - Local File Inclusion (CVE-2020-17518) cve/CVE-2020-17518.yaml
WordPress JSmol2WP <=1.07 - Local File Inclusion (CVE-2018-20463) cve/CVE-2018-20463.yaml
Joomla! Core SQL Injection (CVE-2015-7297) cve/CVE-2015-7297.yaml
NETGEAR - Authentication Bypass (CVE-2020-27866) cve/CVE-2020-27866.yaml
VMware Workspace ONE Access/Identity Manager/vRealize Automation - Authentication cve/CVE-2022-22972.yaml
DomainMOD 4.13.0 - Cross-Site Scripting (CVE-2020-20988) cve/CVE-2020-20988.yaml
Apache 2.4.49/2.4.50 - Path Traversal and Remote Code Execution (CVE-2021-42013) cve/CVE-2021-42013.yaml
Anchor CMS 0.12.3 - Error Log Exposure (CVE-2018-7251) cve/CVE-2018-7251.yaml
BlogEngine.NET 3.3.7.0 - Local File Inclusion (CVE-2019-10717) cve/CVE-2019-10717.yaml
Kibana - Local File Inclusion (CVE-2018-17246) cve/CVE-2018-17246.yaml
Apache Druid - Remote Code Execution (CVE-2021-25646) cve/CVE-2021-25646.yaml
ILIAS eLearning <7.16 - Open Redirect (CVE-2022-45917) cve/CVE-2022-45917.yaml
BIQS IT Biqs-drive v1.83 Local File Inclusion (CVE-2021-39433) cve/CVE-2021-39433.yaml
Clansphere CMS 2011.4 - Cross-Site Scripting (CVE-2021-27310) cve/CVE-2021-27310.yaml
Cobbler <3.3.0 - Remote Code Execution (CVE-2021-40323) cve/CVE-2021-40323.yaml
Prometheus - Open Redirect (CVE-2021-29622) cve/CVE-2021-29622.yaml
Webkul QloApps 1.6.0 - Cross-site Scripting (CVE-2023-36289) cve/CVE-2023-36289.yaml
Joomla! Component Percha Downloads Attach 1.1 - Directory Traversal (CVE-2010-2037) cve/CVE-2010-2037.yaml
DomainMOD 4.11.01 - Cross-Site Scripting (CVE-2018-19914) cve/CVE-2018-19914.yaml
WordPress Simple Image Manipulator < 1.0 - Local File Inclusion (CVE-2015-1000010) cve/CVE-2015-1000010.yaml
Spring Cloud Netflix Hystrix Dashboard <2.2.10 - Remote Code Execution (CVE-2021-22053) cve/CVE-2021-22053.yaml
BackupBuddy - Local File Inclusion (CVE-2022-31474) cve/CVE-2022-31474.yaml
pfSense - Arbitrary File Write (CVE-2021-41282) cve/CVE-2021-41282.yaml
Php-mod/curl Library <2.3.2 - Cross-Site Scripting (CVE-2021-30134) cve/CVE-2021-30134.yaml
Agentejo Cockpit < 0.11.2 - NoSQL Injection (CVE-2020-35846) cve/CVE-2020-35846.yaml
WordPress Paytm Payment Gateway <=2.7.0 - Server-Side Request Forgery (CVE-2022-45362) cve/CVE-2022-45362.yaml
ResourceSpace - Local File inclusion (CVE-2015-3648) cve/CVE-2015-3648.yaml
Zyxel NAS Firmware 5.21- Remote Code Execution (CVE-2020-9054) cve/CVE-2020-9054.yaml
ZTE Cable Modem Web Shell (CVE-2014-2321) cve/CVE-2014-2321.yaml
WordPress Integrator 1.32 - Cross-Site Scripting (CVE-2012-5913) cve/CVE-2012-5913.yaml
Open Redirect in Host Authorization Middleware (CVE-2021-44528) cve/CVE-2021-44528.yaml
Advanced Comment System 1.0 - Local File Inclusion (CVE-2020-35598) cve/CVE-2020-35598.yaml
Joomla! Component simpledownload <=0.9.5 - Arbitrary File Retrieval (CVE-2010-2122) cve/CVE-2010-2122.yaml
Gurock TestRail Application files.md5 Exposure (CVE-2021-40875) cve/CVE-2021-40875.yaml
Zoho ManageEngine - Remote Code Execution (CVE-2022-35405) cve/CVE-2022-35405.yaml
TerraMaster TOS <.1.29 - Remote Code Execution (CVE-2020-15568) cve/CVE-2020-15568.yaml
Eclipse Jetty - Information Disclosure (CVE-2021-34429) cve/CVE-2021-34429.yaml
Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code cve/CVE-2020-14883.yaml
WSO2 Data Analytics Server 3.1.0 - Cross-Site Scripting (CVE-2017-14651) cve/CVE-2017-14651.yaml
YouSayToo auto-publishing 1.0 - Cross-Site Scripting (CVE-2012-0901) cve/CVE-2012-0901.yaml
WordPress MW Font Changer <=4.2.5 - Cross-Site Scripting (CVE-2016-1000142) cve/CVE-2016-1000142.yaml
Dolibarr <7.0.2 - Cross-Site Scripting (CVE-2018-10095) cve/CVE-2018-10095.yaml
Joomla! Component com_gcalendar Suite 2.1.5 - Local File Inclusion (CVE-2010-0972) cve/CVE-2010-0972.yaml
CouchCMS <= 2.0 - Path Disclosure (CVE-2018-7662) cve/CVE-2018-7662.yaml
Wavlink - Improper Access Control (CVE-2022-48165) cve/CVE-2022-48165.yaml
WordPress wSecure Lite < 2.4 - Remote Code Execution (CVE-2016-10960) cve/CVE-2016-10960.yaml
Bonita BPM Portal <6.5.3 - Local File Inclusion (CVE-2015-3897) cve/CVE-2015-3897.yaml
WordPress Candidate Application Form <= 1.3 - Local File Inclusion (CVE-2015-1000005) cve/CVE-2015-1000005.yaml
WordPress Simple File List <3.2.8 - Local File Inclusion (CVE-2022-1119) cve/CVE-2022-1119.yaml
WordPress Church Admin <0.810 - Cross-Site Scripting (CVE-2015-4127) cve/CVE-2015-4127.yaml
Adobe Experience Manager - XML External Entity Injection (CVE-2019-8086) cve/CVE-2019-8086.yaml
Shirne CMS 1.2.0 - Local File Inclusion (CVE-2022-37299) cve/CVE-2022-37299.yaml
Maian Cart <=3.8 - Remote Code Execution (CVE-2021-32172) cve/CVE-2021-32172.yaml
Oracle WebLogic Server Java Object Deserialization - Remote Code Execution cve/CVE-2016-3510.yaml
Cartadis Gespage 8.2.1 - Directory Traversal (CVE-2021-33807) cve/CVE-2021-33807.yaml
WordPress Gallery <2.0.0 - Cross-Site Scripting (CVE-2022-1946) cve/CVE-2022-1946.yaml
ZTE MF971R - Referer authentication bypass (CVE-2021-21745) cve/CVE-2021-21745.yaml
WordPress Calendar Event Multi View <1.4.01 - Cross-Site Scripting (CVE-2021-24498) cve/CVE-2021-24498.yaml
Wavlink WN-533A8 - Cross-Site Scripting (CVE-2022-34048) cve/CVE-2022-34048.yaml
PuneethReddyHC Online Shopping System homeaction.php SQL Injection (CVE-2021-41649) cve/CVE-2021-41649.yaml
SysAid Technologies 20.3.64 b14 - Cross-Site Scripting (CVE-2021-30049) cve/CVE-2021-30049.yaml
Cisco Linksys WVC54GCA 1.00R22/1.00R24 - Local File Inclusion (CVE-2009-1558) cve/CVE-2009-1558.yaml
Spring Cloud Config - Local File Inclusion (CVE-2020-5405) cve/CVE-2020-5405.yaml
WordPress Plugin Category Grid View Gallery 2.3.1 - Cross-Site Scripting (CVE-2013-4117) cve/CVE-2013-4117.yaml
WordPress GraceMedia Media Player 1.0 - Local File Inclusion (CVE-2019-9618) cve/CVE-2019-9618.yaml
Adminer <=4.8.0 - Cross-Site Scripting (CVE-2021-29625) cve/CVE-2021-29625.yaml
WordPress Persian Woocommerce <=5.8.0 - Cross-Site Scripting (CVE-2021-24940) cve/CVE-2021-24940.yaml
Citrix SD-WAN Center - Remote Command Injection (CVE-2019-12985) cve/CVE-2019-12985.yaml
PKP Open Journal Systems 2.4.8-3.3 - Cross-Site Scripting (CVE-2022-24181) cve/CVE-2022-24181.yaml
WordPress Mailster <=1.5.4 - Cross-Site Scripting (CVE-2017-17451) cve/CVE-2017-17451.yaml
WAVLINK WN530HG4 - Improper Access Control (CVE-2022-34047) cve/CVE-2022-34047.yaml
ChurchCRM 4.5.3 - Cross-Site Scripting (CVE-2023-26842) cve/CVE-2023-26842.yaml
Apache Struts <2.3.1.1 - Remote Code Execution (CVE-2012-0394) cve/CVE-2012-0394.yaml
Chyrp 2.x - Local File Inclusion (CVE-2011-2744) cve/CVE-2011-2744.yaml
WordPress Metform <=2.1.3 - Information Disclosure (CVE-2022-1442) cve/CVE-2022-1442.yaml
Citrix - Local File Inclusion (CVE-2020-8193) cve/CVE-2020-8193.yaml
WordPress API Bearer Auth <20190907 - Cross-Site Scripting (CVE-2019-16332) cve/CVE-2019-16332.yaml
Accela Civic Platform <=21.1 - Cross-Site Scripting (CVE-2021-34370) cve/CVE-2021-34370.yaml
SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting (CVE-2002-1131) cve/CVE-2002-1131.yaml
WordPress Sitemap by click5 <1.0.36 - Missing Authorization (CVE-2022-0952) cve/CVE-2022-0952.yaml
WordPress All-In-One Video Gallery <2.5.0 - Local File Inclusion (CVE-2021-24970) cve/CVE-2021-24970.yaml
XStream 1.4.18 - Remote Code Execution (CVE-2021-39141) cve/CVE-2021-39141.yaml
SDT-CW3B1 1.1.0 - OS Command Injection (CVE-2021-46422) cve/CVE-2021-46422.yaml
WordPress Simpel Reserveren <=3.5.2 - Cross-Site Scripting (CVE-2016-1000149) cve/CVE-2016-1000149.yaml
VMware NSX - Remote Code Execution (Apache Log4j) (CVE-2021-44228) cve/vmware-nsx-log4j.yaml
Apache OFBiz <17.12.06 - Arbitrary Code Execution (CVE-2021-26295) cve/CVE-2021-26295.yaml
Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting (CVE-2021-46387) cve/CVE-2021-46387.yaml
Subrion CMS <4.1.5.10 - SQL Injection (CVE-2017-11444) cve/CVE-2017-11444.yaml
Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation (CVE-2017-12635) cve/CVE-2017-12635.yaml
Joomla! Component AlphaUserPoints 1.5.5 - Local File Inclusion (CVE-2010-1476) cve/CVE-2010-1476.yaml
Kentico - Installer Privilege Escalation (CVE-2017-17736) cve/CVE-2017-17736.yaml
Joomla! Component News Portal 1.5.x - Local File Inclusion (CVE-2010-1312) cve/CVE-2010-1312.yaml
WordPress Pro Real Estate 7 Theme <3.1.1 - Cross-Site Scripting (CVE-2021-24387) cve/CVE-2021-24387.yaml
WordPress CTHthemes - Cross-Site Scripting (CVE-2019-20210) cve/CVE-2019-20210.yaml
Sercomm VD625 Smart Modems - CRLF Injection (CVE-2021-27132) cve/CVE-2021-27132.yaml
WordPress FoodBakery <2.2 - Cross-Site Scripting (CVE-2021-24389) cve/CVE-2021-24389.yaml
Apache Struts2 S2-062 - Remote Code Execution (CVE-2021-31805) cve/CVE-2021-31805.yaml
Homematic CCU3 - Local File Inclusion (CVE-2019-9726) cve/CVE-2019-9726.yaml
Adminer <4.7.9 - Server-Side Request Forgery (CVE-2021-21311) cve/CVE-2021-21311.yaml
WordPress HC Custom WP-Admin URL <=1.4 - Admin Login URL Disclosure (CVE-2022-1595) cve/CVE-2022-1595.yaml
Joomla! Component com_janews - Local File Inclusion (CVE-2010-1219) cve/CVE-2010-1219.yaml
Wavlink Multiple AP - Remote Command Injection (CVE-2020-13117) cve/CVE-2020-13117.yaml
Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 - Local File Inclusion (CVE-2017-15363) cve/CVE-2017-15363.yaml
Spring Cloud Gateway Code Injection (CVE-2022-22947) cve/CVE-2022-22947.yaml
Repetier Server - Directory Traversal (CVE-2023-31059) cve/CVE-2023-31059.yaml
WordPress Contact Form 7 Captcha <0.1.2 - Cross-Site Scripting (CVE-2022-2187) cve/CVE-2022-2187.yaml
MSNSwitch Firmware MNT.2408 - Authentication Bypass (CVE-2022-32429) cve/CVE-2022-32429.yaml
Axigen Mail Server Filename Directory Traversal (CVE-2012-4940) cve/CVE-2012-4940.yaml
Apache 2.4.49 - Path Traversal and Remote Code Execution (CVE-2021-41773) cve/CVE-2021-41773.yaml
WordPress Stop Bad Bots <6.930 - SQL Injection (CVE-2022-0949) cve/CVE-2022-0949.yaml
WordPress InfiniteWP <1.9.4.5 - Authorization Bypass (CVE-2020-8772) cve/CVE-2020-8772.yaml
MKdocs 1.2.2 - Directory Traversal (CVE-2021-40978) cve/CVE-2021-40978.yaml
Trilium <0.52.4 - Cross-Site Scripting (CVE-2022-2290) cve/CVE-2022-2290.yaml
Adiscon LogAnalyzer <4.1.7 - Cross-Site Scripting (CVE-2018-19877) cve/CVE-2018-19877.yaml
Wavemaker Studio 6.6 - Local File Inclusion/Server-Side Request Forgery (CVE-2019-8982) cve/CVE-2019-8982.yaml
DotCMS < 5.0.2 - Open Redirect (CVE-2018-17422) cve/CVE-2018-17422.yaml
Slimstat Analytics < 4.9.3.3 Subscriber - SQL Injection (CVE-2023-0630) cve/CVE-2023-0630.yaml
FV Flowplayer Video Player WordPress plugin - Authenticated Cross-Site Scripting cve/CVE-2021-39350.yaml
Dairy Farm Shop Management System 1.0 - SQL Injection (CVE-2022-29007) cve/CVE-2022-29007.yaml
IncomCMS 2.0 - Arbitrary File Upload (CVE-2020-29597) cve/CVE-2020-29597.yaml
SonicWall SMA100 Stack - Buffer Overflow/Remote Code Execution (CVE-2021-20038) cve/CVE-2021-20038.yaml
JamF Pro - Remote Code Execution (Apache Log4j) (CVE-2021-44228) cve/jamf-pro-log4j-rce.yaml
WordPress S3 Video <=0.983 - Cross-Site Scripting (CVE-2016-1000148) cve/CVE-2016-1000148.yaml
QNAP QTS Photo Station External Reference - Local File Inclusion (CVE-2022-27593) cve/CVE-2022-27593.yaml
Joomla! Component Cookex Agency CKForms - Local File Inclusion (CVE-2010-1345) cve/CVE-2010-1345.yaml
Jira Server Pre-Auth - Arbitrary File Retrieval (WEB-INF META-INF) (CVE-2020-29453) cve/CVE-2020-29453.yaml
WSO2 Management - Arbitrary File Upload & Remote Code Execution (CVE-2022-29464) cve/CVE-2022-29464.yaml
WordPress SagePay Server Gateway for WooCommerce <1.0.9 - Cross-Site Scripting cve/CVE-2018-5316.yaml
Citrix ADC and Gateway - Directory Traversal (CVE-2019-19781) cve/CVE-2019-19781.yaml
Online Fire Reporting System v1.0 - SQL injection (CVE-2022-31984) cve/CVE-2022-31984.yaml
WooCommerce Payments - Unauthorized Admin Access (CVE-2023-28121) cve/CVE-2023-28121.yaml
Openfire Administration Console - Authentication Bypass (CVE-2023-32315) cve/CVE-2023-32315.yaml
Ultimate Weather Plugin <= 1.0 - Cross-Site Scripting (CVE-2014-4561) cve/CVE-2014-4561.yaml
OpenEMR 4.1 - Local File Inclusion (CVE-2012-0991) cve/CVE-2012-0991.yaml
WordPress Photoxhibit 2.1.8 - Cross-Site Scripting (CVE-2016-1000143) cve/CVE-2016-1000143.yaml
WordPress Cookie Information/Free GDPR Consent Solution <2.0.8 - Cross-Site cve/CVE-2022-0147.yaml
Kubernetes Dashboard <1.10.1 - Authentication Bypass (CVE-2018-18264) cve/CVE-2018-18264.yaml
SquirrelMail 1.4.x - Folder Name Cross-Site Scripting (CVE-2004-0519) cve/CVE-2004-0519.yaml
Cuppa CMS v1.0 - Local File Inclusion (CVE-2022-25497) cve/CVE-2022-25497.yaml
Spotweb <= 1.5.1 - Cross Site Scripting (Reflected) (CVE-2021-40969) cve/CVE-2021-40969.yaml
WordPress OpenID Connect Generic Client 3.8.0-3.8.1 - Cross-Site Scripting cve/CVE-2021-24214.yaml
SAP Internet Graphics Server (IGS) - XML External Entity Injection (CVE-2018-2392) cve/CVE-2018-2392.yaml
Odoo 8.0/9.0/10.0 - Local File Inclusion (CVE-2017-9416) cve/CVE-2017-9416.yaml
Yaws 1.91 - Local File Inclusion (CVE-2017-10974) cve/CVE-2017-10974.yaml
Joomla! Component Percha Image Attach 1.1 - Directory Traversal (CVE-2010-2034) cve/CVE-2010-2034.yaml
WWBN AVideo 11.6 - Cross-Site Scripting (CVE-2022-32770) cve/CVE-2022-32770.yaml
Purchase Order Management v1.0 - SQL Injection (CVE-2023-2130) cve/CVE-2023-2130.yaml
DomainMOD <=4.13.0 - Cross-Site Scripting (CVE-2019-15811) cve/CVE-2019-15811.yaml
Zeta Producer Desktop CMS <14.2.1 - Local File Inclusion (CVE-2018-13980) cve/CVE-2018-13980.yaml
Aruba Airwave <8.2.3.1 - Cross-Site Scripting (CVE-2016-8527) cve/CVE-2016-8527.yaml
WordPress Imagements <=1.2.5 - Arbitrary File Upload (CVE-2021-24236) cve/CVE-2021-24236.yaml
uWSGI PHP Plugin Local File Inclusion (CVE-2018-7490) cve/CVE-2018-7490.yaml
Spotweb <= 1.5.1 - Cross Site Scripting (CVE-2021-40968) cve/CVE-2021-40968.yaml
Opsview Monitor Pro - Local File Inclusion (CVE-2016-10367) cve/CVE-2016-10367.yaml
SolarView 6.00 - Remote Command Execution (CVE-2022-40881) cve/CVE-2022-40881.yaml
Trixbox - 2.8.0.4 OS Command Injection (CVE-2017-14535) cve/CVE-2017-14535.yaml
WAVLINK WN579 X3 M79X3.V5030.180719 - Information Disclosure (CVE-2022-31847) cve/CVE-2022-31847.yaml
WordPress Fancy Product Designer <4.6.9 - Arbitrary File Upload (CVE-2021-24370) cve/CVE-2021-24370.yaml
Atlassian Questions For Confluence - Hardcoded Credentials (CVE-2022-26138) cve/CVE-2022-26138.yaml
Oracle WebLogic Server - Remote Code Execution (CVE-2018-2893) cve/CVE-2018-2893.yaml
WordPress Nevma Adaptive Images <0.6.67 - Local File Inclusion (CVE-2019-14205) cve/CVE-2019-14205.yaml
WAVLINK WN530HG4 - Improper Access Control (CVE-2022-34045) cve/CVE-2022-34045.yaml
Custom 404 Pro < 3.2.8 - Cross-Site Scripting (CVE-2019-14789) cve/CVE-2019-14789.yaml
Joomla! Component GMapFP 3.5 - Arbitrary File Upload (CVE-2020-23972) cve/CVE-2020-23972.yaml
Micro Focus UCMDB - Remote Code Execution (CVE-2020-11854) cve/CVE-2020-11854.yaml
Zoho ManageEngine ADSelfService Plus <=6103 - Cross-Site Scripting (CVE-2021-37416) cve/CVE-2021-37416.yaml
Netsweeper 4.0.8 - Cross-Site Scripting (CVE-2014-9606) cve/CVE-2014-9606.yaml
Thinkphp Lang - Local File Inclusion (CVE-2022-47945) cve/CVE-2022-47945.yaml
RPCMS 3.0.2 - Cross-Site Scripting (CVE-2022-41473) cve/CVE-2022-41473.yaml
Gogs (Go Git Service) 0.11.66 - Remote Code Execution (CVE-2018-18925) cve/CVE-2018-18925.yaml
b2evolution CMS <6.11.6 - Open Redirect (CVE-2020-22840) cve/CVE-2020-22840.yaml
Advantech R-SeeNet 2.4.12 - Cross-Site Scripting (CVE-2021-21800) cve/CVE-2021-21800.yaml
Atlassian Jira WallboardServlet <7.13.1 - Cross-Site Scripting (CVE-2018-20824) cve/CVE-2018-20824.yaml
Advantech R-SeeNet 2.4.12 - OS Command Injection (CVE-2021-21805) cve/CVE-2021-21805.yaml
Apache Kylin 3.0.1 - Command Injection Vulnerability (CVE-2020-1956) cve/CVE-2020-1956.yaml
nostromo 1.9.6 - Remote Code Execution (CVE-2019-16278) cve/CVE-2019-16278.yaml
Jenkins Gitlab Hook <=1.4.2 - Cross-Site Scripting (CVE-2020-2096) cve/CVE-2020-2096.yaml
muhttpd <=1.1.5 - Local Inclusion (CVE-2022-31793) cve/CVE-2022-31793.yaml
Xceedium Xsuite <=2.4.4.5 - Local File Inclusion (CVE-2015-4666) cve/CVE-2015-4666.yaml
PMB v7.4.6 - Cross-Site Scripting (CVE-2023-24737) cve/CVE-2023-24737.yaml
Argus Surveillance DVR 4.0.0.0 - Local File Inclusion (CVE-2018-15745) cve/CVE-2018-15745.yaml
WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure (CVE-2020-12127) cve/CVE-2020-12127.yaml
School Dormitory Management System 1.0 - SQL Injection (CVE-2022-30512) cve/CVE-2022-30512.yaml
kkFileView 4.1.0 - Cross-Site Scripting (CVE-2022-46934) cve/CVE-2022-46934.yaml
F5 iControl REST - Remote Command Execution (CVE-2021-22986) cve/CVE-2021-22986.yaml
AxxonSoft Axxon Next - Local File Inclusion (CVE-2018-7467) cve/CVE-2018-7467.yaml
Open Bulletin Board (OpenBB) v1.0.6 - Open Redirect/XSS (CVE-2004-1965) cve/CVE-2004-1965.yaml
Online Fire Reporting System v1.0 - SQL injection (CVE-2022-31981) cve/CVE-2022-31981.yaml
Cisco Adaptive Security Appliance (ASA)/Firepower Threat Defense (FTD) - Local cve/CVE-2020-3452.yaml
SolarView Compact 6.00 - 'pow' Cross-Site Scripting (CVE-2022-29301) cve/CVE-2022-29301.yaml
Ivanti Avalanche 6.3.2 - Local File Inclusion (CVE-2021-30497) cve/CVE-2021-30497.yaml
LG SuperSign EZ CMS 2.5 - Local File Inclusion (CVE-2018-16288) cve/CVE-2018-16288.yaml
PhpMyAdmin <4.8.2 - Local File Inclusion (CVE-2018-12613) cve/CVE-2018-12613.yaml
Netsweeper 4.0.8 - Directory Traversal (CVE-2014-9609) cve/CVE-2014-9609.yaml
TikiWiki CMS Groupware v8.3 - Open Redirect (CVE-2012-5321) cve/CVE-2012-5321.yaml
Node.js <8.6.0 - Directory Traversal (CVE-2017-14849) cve/CVE-2017-14849.yaml
WordPress DZS-VideoGallery Plugin Cross-Site Scripting (CVE-2014-9094) cve/CVE-2014-9094.yaml
WordPress VR Calendar <=2.3.2 - Remote Code Execution (CVE-2022-2314) cve/CVE-2022-2314.yaml
WordPress Pondol Form to Mail <=1.1 - Cross-Site Scripting (CVE-2016-1000146) cve/CVE-2016-1000146.yaml
Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection (CVE-2021-25298) cve/CVE-2021-25298.yaml
Lighttpd 1.4.34 SQL Injection and Path Traversal (CVE-2014-2323) cve/CVE-2014-2323.yaml
phpMyAdmin <4.8.5 - Local File Inclusion (CVE-2019-6799) cve/CVE-2019-6799.yaml
TeamPass 2.1.27.36 - Improper Authentication (CVE-2020-12478) cve/CVE-2020-12478.yaml
WordPress Simply Schedule Appointments <1.5.7.7 - Information Disclosure (CVE-2022-2373) cve/CVE-2022-2373.yaml
OpenDreambox 2.0.0 - Remote Code Execution (CVE-2017-14135) cve/CVE-2017-14135.yaml
Citrix ADC/Gateway - Cross-Site Scripting (CVE-2020-8191) cve/CVE-2020-8191.yaml
SolarView Compact 6.00 - OS Command Injection (CVE-2022-29303) cve/CVE-2022-29303.yaml
Jeesns 1.4.2 - Cross-Site Scripting (CVE-2020-19295) cve/CVE-2020-19295.yaml
HashiCorp Consul/Consul Enterprise <=1.9.4 - Cross-Site Scripting (CVE-2020-25864) cve/CVE-2020-25864.yaml
SpeakOut Email Petitions < 2.14.15.1 - SQL Injection (CVE-2022-0846) cve/CVE-2022-0846.yaml
Joomla! Plugin Core Design Scriptegrator - Local File Inclusion (CVE-2010-0759) cve/CVE-2010-0759.yaml
Cuppa CMS v1.0 - Local File Inclusion (CVE-2022-25485) cve/CVE-2022-25485.yaml
WordPress All-in-one Floating Contact Form <2.0.4 - Cross-Site Scripting (CVE-2022-0148) cve/CVE-2022-0148.yaml
Joomla! Component iNetLanka Multiple root 1.0 - Local File Inclusion (CVE-2010-1954) cve/CVE-2010-1954.yaml
WordPress Fontsy <=1.8.6 - SQL Injection (CVE-2022-4447) cve/CVE-2022-4447.yaml
TVT NVMS 1000 - Local File Inclusion (CVE-2019-20085) cve/CVE-2019-20085.yaml
Joomla! Component webERPcustomer - Local File Inclusion (CVE-2010-1315) cve/CVE-2010-1315.yaml
WordPress Download Manager <2.9.94 - Cross-Site Scripting (CVE-2019-15889) cve/CVE-2019-15889.yaml
Joomla! Cmimarketplace 0.1 - Local File Inclusion (CVE-2009-1496) cve/CVE-2009-1496.yaml
Zyxel Firewall - OS Command Injection (CVE-2022-30525) cve/CVE-2022-30525.yaml
Drupal avatar_uploader v7.x-1.0-beta8 - Local File Inclusion (CVE-2018-9205) cve/CVE-2018-9205.yaml
WordPress Mail Masta 1.0 - Local File Inclusion (CVE-2016-10956) cve/CVE-2016-10956.yaml
WordPress Kaswara Modern VC Addons <=3.0.1 - Arbitrary File Upload (CVE-2021-24284) cve/CVE-2021-24284.yaml
UC Gateway Investment SiteEngine v5.0 - Open Redirect (CVE-2008-7269) cve/CVE-2008-7269.yaml
Apache mod_userdir CRLF injection (CVE-2016-4975) cve/CVE-2016-4975.yaml
Timesheet Next Gen <=1.5.3 - Cross-Site Scripting (CVE-2019-1010287) cve/CVE-2019-1010287.yaml
Embedthis GoAhead <3.6.5 - Remote Code Execution (CVE-2017-17562) cve/CVE-2017-17562.yaml
Confluence - Remote Code Execution (CVE-2022-26134) cve/CVE-2022-26134.yaml
L-Soft LISTSERV <16.5-2018a - Cross-Site Scripting (CVE-2019-15501) cve/CVE-2019-15501.yaml
Joomla! Component Visites 1.1 - MosConfig_absolute_path Remote File Inclusion cve/CVE-2010-2918.yaml
Joomla! Component Property - Local File Inclusion (CVE-2010-1875) cve/CVE-2010-1875.yaml
Hongdian H8922 3.0.5 - Information Disclosure (CVE-2021-28150) cve/CVE-2021-28150.yaml
Car Rental Management System 1.0 - SQL Injection (CVE-2022-32028) cve/CVE-2022-32026.yaml
ehicle Service Management System 1.0 - Cross-Site Scripting (CVE-2021-46071) cve/CVE-2021-46071.yaml
Javafaces LFI (CVE-2013-3827) cve/CVE-2013-3827.yaml
Atmail 6.5.0 - Cross-Site Scripting (CVE-2022-30776) cve/CVE-2022-30776.yaml
WordPress sitepress-multilingual-cms 3.6.3 - Cross-Site Scripting (CVE-2018-18069) cve/CVE-2018-18069.yaml
WordPress BackupBuddy <8.8.3 - Cross Site Scripting (CVE-2022-4897) cve/CVE-2022-4897.yaml
Pascom CPS Server-Side Request Forgery (CVE-2021-45967) cve/CVE-2021-45967.yaml
FlatnuX CMS - Directory Traversal (CVE-2012-4878) cve/CVE-2012-4878.yaml
Sidekiq <=6.2.0 - Cross-Site Scripting (CVE-2021-30151) cve/CVE-2021-30151.yaml
TCExam <= 14.8.1 - Sensitive Information Exposure (CVE-2021-20114) cve/CVE-2021-20114.yaml
PowerJob <=4.3.2 - Unauthenticated Access (CVE-2023-29923) cve/CVE-2023-29923.yaml
WordPress WPSmartContracts <1.3.12 - SQL Injection (CVE-2022-3768) cve/CVE-2022-3768.yaml
Dompdf < v0.6.0 - Local File Inclusion (CVE-2014-2383) cve/CVE-2014-2383.yaml
Cisco CUCM UCCX and Unified IP-IVR- Directory Traversal (CVE-2011-3315) cve/CVE-2011-3315.yaml
MStore API <= 3.9.2 - Authentication Bypass (CVE-2023-2732) cve/CVE-2023-2732.yaml
Razer Sila Gaming Router 2.0.441_api-2.0.418 - Local File Inclusion (CVE-2022-29014) cve/CVE-2022-29014.yaml
Atom CMS v2.0 - SQL Injection (CVE-2022-28032) cve/CVE-2022-28032.yaml
Joomla! Component SmartSite 1.0.0 - Local File Inclusion (CVE-2010-1657) cve/CVE-2010-1657.yaml
Knowage Suite 7.3 - Cross-Site Scripting (CVE-2021-30213) cve/CVE-2021-30213.yaml
Car Rental Management System 1.0 - SQL Injection (CVE-2022-32025) cve/CVE-2022-32025.yaml
Hongdian H8922 3.0.5 - Remote Command Injection (CVE-2021-28151) cve/CVE-2021-28151.yaml
Tyto Sahi pro 7.x/8.x - Local File Inclusion (CVE-2018-20470) cve/CVE-2018-20470.yaml
WordPress New Year Firework <=1.1.9 - Cross-Site Scripting (CVE-2016-1000140) cve/CVE-2016-1000140.yaml
Mara CMS 7.5 - Cross-Site Scripting (CVE-2020-24223) cve/CVE-2020-24223.yaml
Z-Blog <=1.5.2 - Open Redirect (CVE-2020-18268) cve/CVE-2020-18268.yaml
VMware - Local File Inclusion (CVE-2022-31656) cve/CVE-2022-31656.yaml
Oracle WebLogic Server - Remote Command Execution (CVE-2017-10271) cve/CVE-2017-10271.yaml
Custom 404 Pro < 3.7.3 - Cross-Site Scripting (CVE-2023-2023) cve/CVE-2023-2023.yaml
HotelDruid Hotel Management Software 3.0.3 - Cross-Site Scripting (CVE-2022-26564) cve/CVE-2022-26564.yaml
Agentejo Cockpit <0.12.0 - NoSQL Injection (CVE-2020-35848) cve/CVE-2020-35848.yaml
Seagate NAS OS 4.3.15.1 - Open Redirect (CVE-2018-12300) cve/CVE-2018-12300.yaml
Zyxel ZyWal/USG/UAG Devices - Cross-Site Scripting (CVE-2019-12581) cve/CVE-2019-12581.yaml
Joomla! Component com_blog - Directory Traversal (CVE-2010-1540) cve/CVE-2010-1540.yaml
Allied Telesis AT-GS950/8 - Local File Inclusion (CVE-2019-18922) cve/CVE-2019-18922.yaml
Purchase Order Management v1.0 - SQL Injection (CVE-2022-28022) cve/CVE-2022-28022.yaml
Microweber <1.2.11 - Cross-Site Scripting (CVE-2022-0678) cve/CVE-2022-0678.yaml
Nortek Linear eMerge E3-Series - Cross-Site Scripting (CVE-2022-31798) cve/CVE-2022-31798.yaml
2 Click Socialmedia Buttons < 0.34 - Cross-Site Scripting (CVE-2012-4273) cve/CVE-2012-4273.yaml
Dreambox WebControl 2.0.0 - Cross-Site Scripting (CVE-2017-15287) cve/CVE-2017-15287.yaml
Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery (CVE-2019-18394) cve/CVE-2019-18394.yaml
WordPress wpCentral <1.5.1 - Information Disclosure (CVE-2020-9043) cve/CVE-2020-9043.yaml
Oracle E-Business Suite 12.2.3 -12.2.11 - Remote Code Execution (CVE-2022-21587) cve/CVE-2022-21587.yaml
Advanced Custom Fields < 6.1.6 - Cross-Site Scripting (CVE-2023-30777) cve/CVE-2023-30777.yaml
UniFi Network Application - Remote Code Execution (Apache Log4j) (CVE-2021-44228) cve/unifi-network-log4j-rce.yaml
Rukovoditel <= 2.7.2 - Cross Site Scripting (CVE-2020-35984) cve/CVE-2020-35984.yaml
Dahua IPC/VTH/VTO - Authentication Bypass (CVE-2021-33044) cve/CVE-2021-33044.yaml
Citrix SD-WAN Center - Remote Command Injection (CVE-2019-12987) cve/CVE-2019-12987.yaml
WordPress wpDiscuz <=7.0.4 - Remote Code Execution (CVE-2020-24186) cve/CVE-2020-24186.yaml
Rukovoditel <= 3.2.1 - Cross Site Scripting (CVE-2022-44947) cve/CVE-2022-44947.yaml
VICIdial Sensitive Information Disclosure (CVE-2021-28854) cve/CVE-2021-28854.yaml
Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - SQL Injection (CVE-2019-2579) cve/CVE-2019-2579.yaml
Gogs <0.12.5 - Server-Side Request Forgery (CVE-2022-0870) cve/CVE-2022-0870.yaml
Ruby on Rails <5.0.1 - Remote Code Execution (CVE-2020-8163) cve/CVE-2020-8163.yaml
Wavlink WN535K2/WN535K3 - OS Command Injection (CVE-2022-2486) cve/CVE-2022-2486.yaml
Joomla! Component SMEStorage - Local File Inclusion (CVE-2010-1858) cve/CVE-2010-1858.yaml
WordPress DB Backup <=4.5 - Local File Inclusion (CVE-2014-9119) cve/CVE-2014-9119.yaml
WordPress SP Project & Document Manager <4.22 - Authenticated Shell Upload cve/CVE-2021-24347.yaml
Cyber Cafe Management System 1.0 - SQL Injection (CVE-2022-29009) cve/CVE-2022-29009.yaml
DomainMOD 4.11.01 - Cross-Site Scripting (CVE-2018-19892) cve/CVE-2018-19892.yaml
Accela Civic Platform <=21.1 - Cross-Site Scripting (CVE-2021-33904) cve/CVE-2021-33904.yaml
Online Fire Reporting System v1.0 - SQL injection (CVE-2022-31980) cve/CVE-2022-31980.yaml
Buffalo WSR-2533DHPL2 - Path Traversal (CVE-2021-20090) cve/CVE-2021-20090.yaml
MERCUSYS Mercury X18G 1.0.5 Router - Local File Inclusion (CVE-2021-23241) cve/CVE-2021-23241.yaml
Joomla! Component Online Exam 1.5.0 - Local File Inclusion (CVE-2010-1715) cve/CVE-2010-1715.yaml
ManageEngine Firewall Analyzer 7.2 - Cross-Site Scripting (CVE-2012-4889) cve/CVE-2012-4889.yaml
Gitlab CE/EE 13.4 - 13.6.2 - Information Disclosure (CVE-2020-26413) cve/CVE-2020-26413.yaml
GLPI plugin Barcode < 2.6.1 - Path Traversal Vulnerability. (CVE-2021-43778) cve/CVE-2021-43778.yaml
openSIS Student Information System 8.0 SQL Injection (CVE-2021-41691) cve/CVE-2021-41691.yaml
D-Link Routers - Remote Code Execution (CVE-2019-16920) cve/CVE-2019-16920.yaml
WooCommerce Checkout Field Manager < 18.0 - Arbitrary File Upload (CVE-2022-4328) cve/CVE-2022-4328.yaml
Grafana <= 6.7.1 - Cross-Site Scripting (CVE-2020-11110) cve/CVE-2020-11110.yaml
Powertek Firmware <3.30.30 - Authorization Bypass (CVE-2022-33174) cve/CVE-2022-33174.yaml
Centos Web Panel 0.9.8.480 - Local File Inclusion (CVE-2018-18323) cve/CVE-2018-18323.yaml
DomPHP 0.83 - Directory Traversal (CVE-2014-10037) cve/CVE-2014-10037.yaml
LinuxKI Toolset <= 6.01 - Remote Command Execution (CVE-2020-7209) cve/CVE-2020-7209.yaml
HPE System Management - Cross-Site Scripting (CVE-2017-12544) cve/CVE-2017-12544.yaml
CLink Office 2.0 - Cross-Site Scripting (CVE-2020-6171) cve/CVE-2020-6171.yaml
Jeecg Boot <= 2.4.5 - Sensitive Information Disclosure (CVE-2021-37305) cve/CVE-2021-37305.yaml
PowerJob V4.3.1 - Authentication Bypass (CVE-2023-29922) cve/CVE-2023-29922.yaml
Oracle Secure Global Desktop Administration Console 4.4 - Cross-Site Scripting cve/CVE-2018-19439.yaml
Purchase Order Management v1.0 - Cross Site Scripting (Reflected) (CVE-2023-29623) cve/CVE-2023-29623.yaml
WordPress White Label CMS <2.2.9 - Cross-Site Scripting (CVE-2022-0422) cve/CVE-2022-0422.yaml
WordPress wpForo Forum < 1.9.7 - Open Redirect (CVE-2021-24406) cve/CVE-2021-24406.yaml
NeDi 1.9C - Cross-Site Scripting (CVE-2020-14413) cve/CVE-2020-14413.yaml
Aptana Jaxer 1.0.3.4547 - Local File inclusion (CVE-2019-14312) cve/CVE-2019-14312.yaml
Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection (CVE-2008-1547) cve/CVE-2008-1547.yaml
Microweber Cross-Site Scripting (CVE-2022-0378) cve/CVE-2022-0378.yaml
Atlassian Jira Confluence - Cross-Site Scripting (CVE-2018-5230) cve/CVE-2018-5230.yaml
WordPress RegistrationMagic <5.0.1.6 - Authenticated SQL Injection (CVE-2021-24862) cve/CVE-2021-24862.yaml
Apache Solr DataImportHandler <8.2.0 - Remote Code Execution (CVE-2019-0193) cve/CVE-2019-0193.yaml
OpenText Documentum Administrator 7.2.0180.0055 - Open Redirect (CVE-2017-14524) cve/CVE-2017-14524.yaml
WordPress Email Subscribers & Newsletters <4.2.3 - Arbitrary File Retrieval cve/CVE-2019-19985.yaml
WordPress Laborator Neon Theme 2.0 - Cross-Site Scripting (CVE-2019-20141) cve/CVE-2019-20141.yaml
Nortek Linear eMerge E3-Series <0.32-08f - Remote Command Injection (CVE-2022-31499) cve/CVE-2022-31499.yaml
Gitea 1.1.0 - 1.12.5 - Remote Code Execution (CVE-2020-14144) cve/CVE-2020-14144.yaml
Atlassian Jira Seraph - Authentication Bypass (CVE-2022-0540) cve/CVE-2022-0540.yaml
Metabase Local File Inclusion (CVE-2021-41277) cve/CVE-2021-41277.yaml
Joomla! Component Advertising 0.25 - Local File Inclusion (CVE-2010-1473) cve/CVE-2010-1473.yaml
Joomla! Component JProject Manager 1.0 - Local File Inclusion (CVE-2010-1469) cve/CVE-2010-1469.yaml
Joomla! Component Address Book 1.5.0 - Local File Inclusion (CVE-2010-1471) cve/CVE-2010-1471.yaml
Vehicle Service Management System 1.0 - Stored Cross Site Scripting (CVE-2021-46072) cve/CVE-2021-46072.yaml
Monstra CMS 3.0.4 - Cross-Site Scripting (CVE-2018-11473) cve/CVE-2018-11473.yaml
DotNetNuke 5.0.0 - 9.3.0 - Cookie Deserialization Remote Code Execution (CVE-2017-9822) cve/CVE-2017-9822.yaml
DomainMOD 4.11.01 - Cross-Site Scripting (CVE-2018-19136) cve/CVE-2018-19136.yaml
Elasticsearch 7.10.0-7.13.3 - Information Disclosure (CVE-2021-22145) cve/CVE-2021-22145.yaml
Roxy Fileman 1.4.5 - Unrestricted File Upload (CVE-2018-20526) cve/CVE-2018-20526.yaml
Zabbix <=4.4 - Authentication Bypass (CVE-2019-17382) cve/CVE-2019-17382.yaml
Oracle E-Business Suite - Blind SSRF (CVE-2018-3167) cve/CVE-2018-3167.yaml
Intelbras WIN 300/WRN 342 - Credentials Disclosure (CVE-2021-3017) cve/CVE-2021-3017.yaml
Zoho ManageEngine ADAudit Plus <7600 - XML Entity Injection/Remote Code Execution cve/CVE-2022-28219.yaml
Airflow Experimental <1.10.11 - REST API Auth Bypass (CVE-2020-13927) cve/CVE-2020-13927.yaml
WordPress Pie Register <3.8.2.3 - Open Redirect (CVE-2023-0552) cve/CVE-2023-0552.yaml
Ametys CMS Information Disclosure (CVE-2022-26159) cve/CVE-2022-26159.yaml
WordPress RSS Aggregator < 4.20 - Authenticated Cross-Site Scripting (CVE-2022-0189) cve/CVE-2022-0189.yaml
SpaceLogic C-Bus Home Controller <=1.31.460 - Remote Command Execution (CVE-2022-34753) cve/CVE-2022-34753.yaml
Drupal - Remote Code Execution (CVE-2019-6340) cve/CVE-2019-6340.yaml
WordPress GiveWP <2.17.3 - Cross-Site Scripting (CVE-2021-25099) cve/CVE-2021-25099.yaml
Lansweeper Unauthenticated SQL Injection (CVE-2019-13462) cve/CVE-2019-13462.yaml
WordPress Japanized for WooCommerce <2.5.5 - Cross-Site Scripting (CVE-2023-0942) cve/CVE-2023-0942.yaml
Wordpress Profile Builder Plugin Cross-Site Scripting (CVE-2022-0653) cve/CVE-2022-0653.yaml
Deprecated SSHv1 Protocol Detection (CVE-2001-1473) cve/CVE-2001-1473.yaml
WordPress Titan Framework plugin <= 1.12.1 - Cross-Site Scripting (CVE-2021-24435) cve/CVE-2021-24435.yaml
ManageEngine ADSelfService Plus <6121 - Stored Cross-Site Scripting (CVE-2022-24681) cve/CVE-2022-24681.yaml
Socomec DIRIS A-40 Devices Password Disclosure (CVE-2019-15859) cve/CVE-2019-15859.yaml
WordPress ProfileGrid <5.1.1 - Cross-Site Scripting (CVE-2022-3578) cve/CVE-2022-3578.yaml
Rubedo CMS <=3.4.0 - Directory Traversal (CVE-2018-16836) cve/CVE-2018-16836.yaml
Gogs (Go Git Service) - SQL Injection (CVE-2014-8682) cve/CVE-2014-8682.yaml
Apache Log4j2 Remote Code Injection (CVE-2021-44228) cve/CVE-2021-44228.yaml
ProFTPd - Remote Code Execution (CVE-2015-3306) cve/CVE-2015-3306.yaml
Joomla! Component Fabrik 2.0 - Local File Inclusion (CVE-2010-1981) cve/CVE-2010-1981.yaml
WordPress Easy Pricing Tables <3.2.1 - Cross-Site Scripting (CVE-2022-1904) cve/CVE-2022-1904.yaml
ClinicCases 7.3.3 Cross-Site Scripting (CVE-2021-38704) cve/CVE-2021-38704.yaml
Lantronix PremierWave 2050 8.9.0.0R4 - Remote Command Injection (CVE-2021-21881) cve/CVE-2021-21881.yaml
Joomla! Component Joomla! Flickr 1.0 - Local File Inclusion (CVE-2010-1980) cve/CVE-2010-1980.yaml
PilusCart <=1.4.1 - Local File Inclusion (CVE-2019-16123) cve/CVE-2019-16123.yaml
ReadToMyShoe - Generation of Error Message Containing Sensitive Information cve/CVE-2023-27587.yaml
OEcms 3.1 - Cross-Site Scripting (CVE-2018-12095) cve/CVE-2018-12095.yaml
Jeedom <=4.0.38 - Cross-Site Scripting (CVE-2020-9036) cve/CVE-2020-9036.yaml
WBCE CMS v1.5.4 - Cross Site Scripting (Stored) (CVE-2022-45037) cve/CVE-2022-45037.yaml
Joomla! Component JE Quotation Form 1.0b1 - Local File Inclusion (CVE-2010-2128) cve/CVE-2010-2128.yaml
Microweber Information Disclosure (CVE-2022-0281) cve/CVE-2022-0281.yaml
Mura CMS <10.0.580 - Authentication Bypass (CVE-2022-47003) cve/CVE-2022-47003.yaml
WordPress E2Pdf <1.16.45 - Cross-Site Scripting (CVE-2022-0535) cve/CVE-2022-0535.yaml
Laravel <5.5.21 - Information Disclosure (CVE-2017-16894) cve/CVE-2017-16894.yaml
Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion (CVE-2010-2682) cve/CVE-2010-2682.yaml
Monstra CMS 3.0.4 - HTTP Header Injection (CVE-2018-16979) cve/CVE-2018-16979.yaml
ExponentCMS <= 2.6 - Host Header Injection (CVE-2021-38751) cve/CVE-2021-38751.yaml
Joomla! Component MMS Blog 2.3.0 - Local File Inclusion (CVE-2010-1491) cve/CVE-2010-1491.yaml
Apache Struts2 S2-057 - Remote Code Execution (CVE-2018-11776) cve/CVE-2018-11776.yaml
Cute Editor for ASP.NET 6.4 - Cross-Site Scripting (CVE-2020-24903) cve/CVE-2020-24903.yaml
SourceBans <2.0 - Cross-Site Scripting (CVE-2015-8349) cve/CVE-2015-8349.yaml
WordPress BulletProof Security 5.1 Information Disclosure (CVE-2021-39327) cve/CVE-2021-39327.yaml
MinIO Cluster Deployment - Information Disclosure (CVE-2023-28432) cve/CVE-2023-28432.yaml
Car Rental Management System 1.0 - SQL Injection (CVE-2022-32022) cve/CVE-2022-32022.yaml
Brafton WordPress Plugin < 3.4.8 - Cross-Site Scripting (CVE-2016-10973) cve/CVE-2016-10973.yaml
WordPress Gift Voucher <4.1.8 - Blind SQL Injection (CVE-2018-16159) cve/CVE-2018-16159.yaml
MicroStrategy Web 10.4 - Information Disclosure (CVE-2020-11450) cve/CVE-2020-11450.yaml
D-Link DIR-610 Devices - Information Disclosure (CVE-2020-9376) cve/CVE-2020-9376.yaml
HPE Integrated Lights-out 4 (ILO4) <2.53 - Authentication Bypass (CVE-2017-12542) cve/CVE-2017-12542.yaml
PMB 7.3.10 - Cross-Site Scripting (CVE-2022-34328) cve/CVE-2022-34328.yaml
Zoho ManageEngine Desktop Central - Remote Code Execution (CVE-2021-44515) cve/CVE-2021-44515.yaml
DokuWiki - Cross-Site Scripting (CVE-2017-12583) cve/CVE-2017-12583.yaml
Zoho manageengine - Cross-Site Scripting (CVE-2018-12998) cve/CVE-2018-12998.yaml
Kentico CMS 8.2 - Open Redirect (CVE-2015-7823) cve/CVE-2015-7823.yaml
WordPress Pie Register <3.7.0.1 - Cross-Site Scripting (CVE-2021-24239) cve/CVE-2021-24239.yaml
Sophos UTM Preauth - Remote Code Execution (CVE-2020-25223) cve/CVE-2020-25223.yaml
WordPress WPCargo Track & Trace <6.9.0 - Remote Code Execution (CVE-2021-25003) cve/CVE-2021-25003.yaml
WordPress Customize Login Image <3.5.3 - Cross-Site Scripting (CVE-2021-33851) cve/CVE-2021-33851.yaml
WordPress enhanced-tooltipglossary 3.2.8 - Cross-Site Scripting (CVE-2016-1000132) cve/CVE-2016-1000132.yaml
Metabase - Remote Code Execution (Apache Log4j) (CVE-2021-44228) cve/metabase-log4j.yaml
McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting (CVE-2017-4011) cve/CVE-2017-4011.yaml
Easy!Appointments <1.4.3 - Broken Access Control (CVE-2022-0482) cve/CVE-2022-0482.yaml
WordPress UserPro 4.9.32 - Cross-Site Scripting (CVE-2019-14470) cve/CVE-2019-14470.yaml
Rukovoditel <= 3.2.1 - Cross Site Scripting (CVE-2022-44952) cve/CVE-2022-44952.yaml
Graylog (Log4j) - Remote Code Execution (CVE-2021-44228) cve/graylog-log4j.yaml
Eclipse Jetty - Information Disclosure (CVE-2021-28164) cve/CVE-2021-28164.yaml
Apache OFBiz <17.12.07 - Arbitrary Code Execution (CVE-2021-30128) cve/CVE-2021-30128.yaml
WordPress e-search <=1.0 - Cross-Site Scripting (CVE-2016-1000130) cve/CVE-2016-1000130.yaml
WordPress KiviCare <2.3.9 - SQL Injection (CVE-2022-0786) cve/CVE-2022-0786.yaml
SonicWall SonicOS 7.0 - Open Redirect (CVE-2021-20031) cve/CVE-2021-20031.yaml
WordPress Mediumish Theme <=1.0.47 - Cross-Site Scripting (CVE-2021-24316) cve/CVE-2021-24316.yaml
Yii 2 < 2.0.38 - Remote Code Execution (CVE-2020-15148) cve/CVE-2020-15148.yaml
Parallels H-Sphere 3.6.1713 - Cross-Site Scripting (CVE-2022-30777) cve/CVE-2022-30777.yaml
Thinfinity Iframe Injection (CVE-2021-45092) cve/CVE-2021-45092.yaml
vBulletin 5.5.4 - 5.6.2- Remote Command Execution (CVE-2020-17496) cve/CVE-2020-17496.yaml
Citrix SD-WAN Center - Local File Inclusion (CVE-2019-12990) cve/CVE-2019-12990.yaml
Squidex <7.4.0 - Cross-Site Scripting (CVE-2023-24278) cve/CVE-2023-24278.yaml
Terraboard <2.2.0 - SQL Injection (CVE-2022-1883) cve/CVE-2022-1883.yaml
Yachtcontrol Webapplication 1.0 - Remote Command Injection (CVE-2019-17270) cve/CVE-2019-17270.yaml
FiberHome Routers - Local File Inclusion (CVE-2017-15647) cve/CVE-2017-15647.yaml
Sourcecodester Online Event Booking and Reservation System 2.3.0 - Cross-Site cve/CVE-2021-42663.yaml
Rudloff alltube prior to 3.0.1 - Open Redirect (CVE-2022-0692) cve/CVE-2022-0692.yaml
Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File cve/CVE-2021-46417.yaml
SEO Panel 4.8.0 - Blind SQL Injection (CVE-2021-28419) cve/CVE-2021-28419.yaml
ChurchCRM 4.5.3 - Cross-Site Scripting (CVE-2023-26843) cve/CVE-2023-26843.yaml
Vehicle Service Management System - Stored Cross-Site Scripting (CVE-2021-46068) cve/CVE-2021-46068.yaml
KR-Web <=1.1b2 - Remote File Inclusion (CVE-2009-4223) cve/CVE-2009-4223.yaml
Purchase Order Management v1.0 - SQL Injection (CVE-2022-28023) cve/CVE-2022-28023.yaml
WordPress FlatPM <3.0.13 - Cross-Site Scripting (CVE-2022-3934) cve/CVE-2022-3934.yaml
Faculty Evaluation System v1.0 - SQL Injection (CVE-2023-33439) cve/CVE-2023-33439.yaml
XStream 1.4.18 - Remote Code Execution (CVE-2021-39144) cve/CVE-2021-39144.yaml
WAVLINK WN533A8 - Improper Access Control (CVE-2022-34046) cve/CVE-2022-34046.yaml
KONGA 0.14.9 - Privilege Escalation (CVE-2021-42192) cve/CVE-2021-42192.yaml
Hospital Management System 1.0 - SQL Injection (CVE-2022-34590) cve/CVE-2022-34590.yaml
Advanced Text Widget < 2.0.2 - Cross-Site Scripting (CVE-2011-4618) cve/CVE-2011-4618.yaml
CandidATS 3.0.0 - Cross-Site Scripting. (CVE-2022-42746) cve/CVE-2022-42746.yaml
Ruckus Wireless Admin - Remote Code Execution (CVE-2023-25717) cve/CVE-2023-25717.yaml
WordPress Simple Job Board <2.9.4 - Local File Inclusion (CVE-2020-35749) cve/CVE-2020-35749.yaml
WordPress Infusionsoft Gravity Forms <=1.5.11 - Cross-Site Scripting (CVE-2016-1000139) cve/CVE-2016-1000139.yaml
WordPress Videos sync PDF <=1.7.4 - Local File Inclusion (CVE-2022-1392) cve/CVE-2022-1392.yaml
CandidATS 3.0.0 - Cross-Site Scripting (CVE-2022-42749) cve/CVE-2022-42749.yaml
Debug Endpoint pprof - Exposure Detection (CVE-2019-11248) cve/CVE-2019-11248.yaml
UnRaid <=6.80 - Remote Code Execution (CVE-2020-5847) cve/CVE-2020-5847.yaml
Fortinet FortiOS <=5.2.3 - Cross-Site Scripting (CVE-2015-1880) cve/CVE-2015-1880.yaml
School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting cve/CVE-2022-30514.yaml
WordPress Emag Marketplace Connector 1.0 - Cross-Site Scripting (CVE-2017-17043) cve/CVE-2017-17043.yaml
Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting (CVE-2021-41349) cve/CVE-2021-41349.yaml
WAVLINK WN535 G3 - Improper Access Control (CVE-2022-34576) cve/CVE-2022-34576.yaml
Complete Online Job Search System 1.0 - SQL Injection (CVE-2022-32015) cve/CVE-2022-32015.yaml
WordPress Plugin MF Gig Calendar 0.9.2 - Cross-Site Scripting (CVE-2012-4242) cve/CVE-2012-4242.yaml
UpdraftPlus < 1.22.9 - Cross-Site Scripting (CVE-2022-0864) cve/CVE-2022-0864.yaml
PHPGurukul Dairy Farm Shop Management System 1.0 - SQL Injection (CVE-2020-5307) cve/CVE-2020-5307.yaml
WordPress Supsystic Contact Form <1.7.15 - Cross-Site Scripting (CVE-2021-24276) cve/CVE-2021-24276.yaml
Joomla! Roland Breedveld Album 1.14 - Local File Inclusion (CVE-2009-3318) cve/CVE-2009-3318.yaml
Webkul QloApps 1.6.0 - Cross-site Scripting (CVE-2023-36287) cve/CVE-2023-36287.yaml
Babel - Open Redirect (CVE-2019-1010290) cve/CVE-2019-1010290.yaml
qdPM 9.1 - Cross-site Scripting (CVE-2019-8390) cve/CVE-2019-8390.yaml
Online Fire Reporting System v1.0 - SQL injection (CVE-2022-31879) cve/CVE-2022-31879.yaml
NETGEAR Routers - Authentication Bypass (CVE-2017-5521) cve/CVE-2017-5521.yaml
LOYTEC LGATE-902 6.3.2 - Local File Inclusion (CVE-2018-14918) cve/CVE-2018-14918.yaml
Online Fire Reporting System v1.0 - SQL injection (CVE-2022-31982) cve/CVE-2022-31982.yaml
Joomla! Component Matamko 1.01 - Local File Inclusion (CVE-2010-1495) cve/CVE-2010-1495.yaml
Jira Netic Group Export <1.0.3 - Missing Authorization (CVE-2022-39960) cve/CVE-2022-39960.yaml
DotCMS - Arbitrary File Upload (CVE-2022-26352) cve/CVE-2022-26352.yaml
Kodi 17.1 - Local File Inclusion (CVE-2017-5982) cve/CVE-2017-5982.yaml
Oracle WebLogic Server Deserialization - Remote Code Execution (CVE-2018-2628) cve/CVE-2018-2628.yaml
Gogs <0.12.6 - Remote Command Execution (CVE-2022-0415) cve/CVE-2022-0415.yaml
Joomla! Component iF surfALERT 1.2 - Local File Inclusion (CVE-2010-1717) cve/CVE-2010-1717.yaml
Fortinet FortiMail 7.0.1 - Cross-Site Scripting (CVE-2021-43062) cve/CVE-2021-43062.yaml
WordPress Ad Inserter <2.7.10 - Cross-Site Scripting (CVE-2022-0288) cve/CVE-2022-0288.yaml
WordPress All-in-One WP Migration <=7.62 - Cross-Site Scripting (CVE-2022-2546) cve/CVE-2022-2546.yaml
eShop 3.0.4 - Cross-Site Scripting (CVE-2022-35493) cve/CVE-2022-35493.yaml
CentOS Web Panel 7 <0.9.8.1147 - Remote Code Execution (CVE-2022-44877) cve/CVE-2022-44877.yaml
Codoforum 5.1 - Arbitrary File Upload (CVE-2022-31854) cve/CVE-2022-31854.yaml
Rukovoditel <= 2.7.2 - Cross Site Scripting (CVE-2020-35985) cve/CVE-2020-35985.yaml
WordPress WP JobSearch <1.5.1 - Cross-Site Scripting (CVE-2022-1168) cve/CVE-2022-1168.yaml
Kirona Dynamic Resource Scheduler - Information Disclosure (CVE-2019-17503) cve/CVE-2019-17503.yaml
IBM Aspera Faspex <=4.4.2 PL1 - Remote Code Execution (CVE-2022-47986) cve/CVE-2022-47986.yaml
WordPress Jannah Theme <5.4.4 - Cross-Site Scripting (CVE-2021-24364) cve/CVE-2021-24364.yaml
WordPress WebP Converter for Media < 4.0.3 - Unauthenticated Open Redirect cve/CVE-2021-25074.yaml
ManageEngine ADManager Plus - Command Injection (CVE-2023-29084) cve/CVE-2023-29084.yaml
Joomla! Component ZiMBCore 0.1 - Local File Inclusion (CVE-2010-1603) cve/CVE-2010-1603.yaml
WordPress MF Gig Calendar <=1.1 - Cross-Site Scripting (CVE-2021-24510) cve/CVE-2021-24510.yaml
WordPress W3 Total Cache <2.1.4 - Cross-Site Scripting (CVE-2021-24436) cve/CVE-2021-24436.yaml
WordPress Admin Font Editor <=1.8 - Cross-Site Scripting (CVE-2016-1000138) cve/CVE-2016-1000138.yaml
Citrix XenMobile Server - Local File Inclusion (CVE-2020-8209) cve/CVE-2020-8209.yaml
Apache Struts 2.0.0-2.5.25 - Remote Code Execution (CVE-2020-17530) cve/CVE-2020-17530.yaml
Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login (CVE-2021-24647) cve/CVE-2021-24647.yaml
NETGEAR WNAP320 Access Point Firmware - Remote Command Injection (CVE-2016-1555) cve/CVE-2016-1555.yaml
WordPress Nirweb Support <2.8.2 - SQL Injection (CVE-2022-0781) cve/CVE-2022-0781.yaml
Jellyfin <10.7.0 - Local File Inclusion (CVE-2021-21402) cve/CVE-2021-21402.yaml
WordPress Realteo <=1.2.3 - Cross-Site Scripting (CVE-2021-24237) cve/CVE-2021-24237.yaml
WordPress Perfect Survey<1.5.2 - SQL Injection (CVE-2021-24762) cve/CVE-2021-24762.yaml
Agentejo Cockpit <0.11.2 - NoSQL Injection (CVE-2020-35847) cve/CVE-2020-35847.yaml
Atlassian Confluence Download Attachments - Remote Code Execution (CVE-2019-3398) cve/CVE-2019-3398.yaml
Rosario Student Information System Unauthenticated SQL Injection (CVE-2021-44427) cve/CVE-2021-44427.yaml
Laravel with Ignition <= v8.4.2 Debug Mode - Remote Code Execution (CVE-2021-3129) cve/CVE-2021-3129.yaml
Import XML & RSS Feeds WordPress Plugin <= 2.0.1 Server-Side Request Forgery cve/CVE-2020-24148.yaml
WordPress Spreadsheet - Cross-Site Scripting (CVE-2013-6281) cve/CVE-2013-6281.yaml
Joomla! Component BeeHeard 1.0 - Local File Inclusion (CVE-2010-1952) cve/CVE-2010-1952.yaml
WordPress IWS Geo Form Fields <=1.0 - SQL Injection (CVE-2022-4117) cve/CVE-2022-4117.yaml
Joomla! Component com_bfsurvey - Local File Inclusion (CVE-2010-2259) cve/CVE-2010-2259.yaml
HTML Email Template Designer < 3.1 - Stored Cross-Site Scripting (CVE-2022-0218) cve/CVE-2022-0218.yaml
ShellShock - Remote Code Execution (CVE-2014-6271) cve/CVE-2014-6271.yaml
Webkul QloApps 1.5.2 - Cross-site Scripting (CVE-2023-30256) cve/CVE-2023-30256.yaml
ThinkAdmin 6 - Local File Inclusion (CVE-2020-25540) cve/CVE-2020-25540.yaml
WordPress sourceAFRICA <=0.1.3 - Cross-Site Scripting (CVE-2015-6920) cve/CVE-2015-6920.yaml
Gibbon v25.0.0 - Local File Inclusion (CVE-2023-34598) cve/CVE-2023-34598.yaml
Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion (CVE-2009-4202) cve/CVE-2009-4202.yaml
Home Assistant Supervisor - Authentication Bypass (CVE-2023-27482) cve/CVE-2023-27482.yaml
Revive Adserver 4.2 - Remote Code Execution (CVE-2019-5434) cve/CVE-2019-5434.yaml
WordPress Goto Tour & Travel Theme <2.0 - Cross-Site Scripting (CVE-2021-24235) cve/CVE-2021-24235.yaml
Oracle Business Intelligence/XML Publisher - XML External Entity Injection cve/CVE-2019-2616.yaml
Joomla! ChronoForums 2.0.11 - Local File Inclusion (CVE-2021-28377) cve/CVE-2021-28377.yaml
ManageEngine ServiceDesk 9.3.9328 - Arbitrary File Retrieval (CVE-2017-11512) cve/CVE-2017-11512.yaml
Joomla! Component Juke Box 1.7 - Local File Inclusion (CVE-2010-1352) cve/CVE-2010-1352.yaml
WordPress Ultimate FAQ <1.8.30 - Cross-Site Scripting (CVE-2020-7107) cve/CVE-2020-7107.yaml
Hikvision IP camera/NVR - Remote Command Execution (CVE-2021-36260) cve/CVE-2021-36260.yaml
Harbor <=1.82.0 - Privilege Escalation (CVE-2019-16097) cve/CVE-2019-16097.yaml
Linear eMerge E3 - Cross-Site Scripting (CVE-2019-7255) cve/CVE-2019-7255.yaml
Joomla! Component PowerMail Pro 1.5.3 - Local File Inclusion (CVE-2010-1532) cve/CVE-2010-1532.yaml
PHPUnit - Remote Code Execution (CVE-2017-9841) cve/CVE-2017-9841.yaml
Rundeck - Remote Code Execution (Apache Log4j) (CVE-2021-44228) cve/rundeck-log4j.yaml
DotNetNuke (DNN) ImageHandler <9.2.0 - Server-Side Request Forgery (CVE-2017-0929) cve/CVE-2017-0929.yaml
Node RED Dashboard <2.26.2 - Local File Inclusion (CVE-2021-3223) cve/CVE-2021-3223.yaml
WordPress BackupGuard <1.6.0 - Authenticated Arbitrary File Upload (CVE-2021-24155) cve/CVE-2021-24155.yaml
Jboss Application Server - Remote Code Execution (CVE-2017-12149) cve/CVE-2017-12149.yaml
Geoserver - Server-Side Request Forgery (CVE-2021-40822) cve/CVE-2021-40822.yaml
Dolibarr ERP/CRM 3.2 Alpha - Multiple Directory Traversal Vulnerabilities cve/CVE-2012-1226.yaml
Palo Alto Networks PAN-OS Web Interface - Cross Site-Scripting (CVE-2020-2036) cve/CVE-2020-2036.yaml
Wavlink WN-535G3 - Cross-Site Scripting (CVE-2022-30489) cve/CVE-2022-30489.yaml
PrestaHome Blog for PrestaShop <1.7.8 - SQL Injection (CVE-2021-36748) cve/CVE-2021-36748.yaml
Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect (CVE-2017-3528) cve/CVE-2017-3528.yaml
Horde Groupware Unauthenticated Admin Access (CVE-2005-3344) cve/CVE-2005-3344.yaml
Auerswald COMpact 5500R 7.8A and 8.0B Devices Backdoor (CVE-2021-40859) cve/CVE-2021-40859.yaml
Symmetricom SyncServer Unauthenticated - Remote Command Execution (CVE-2022-40022) cve/CVE-2022-40022.yaml
D-Link DVG-N5402SP - Local File Inclusion (CVE-2015-7245) cve/CVE-2015-7245.yaml
Oracle Weblogic - SSRF in SearchPublicRegistries.jsp (CVE-2014-4210) cve/CVE-2014-4210.yaml
WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting (CVE-2017-17059) cve/CVE-2017-17059.yaml
Akkadian Provisioning Manager - Information Disclosure (CVE-2021-31581) cve/CVE-2021-31581.yaml
Umbraco <7.4.0- Server-Side Request Forgery (CVE-2015-8813) cve/CVE-2015-8813.yaml
Rukovoditel <= 3.2.1 - Cross Site Scripting (CVE-2022-44949) cve/CVE-2022-44949.yaml
Cuppa CMS v1.0 - SQL injection (CVE-2022-24265) cve/CVE-2022-24265.yaml
Zabbix - SQL Injection (CVE-2016-10134) cve/CVE-2016-10134.yaml
WordPress WHIZZ <=1.0.7 - Cross-Site Scripting (CVE-2016-1000154) cve/CVE-2016-1000154.yaml
Simple Online Planning Tool <1.3.2 - Local File Inclusion (CVE-2014-8676) cve/CVE-2014-8676.yaml
Nova noVNC - Open Redirect (CVE-2021-3654) cve/CVE-2021-3654.yaml
SolarWinds Serv-U 15.3 - Directory Traversal (CVE-2021-35250) cve/CVE-2021-35250.yaml
LumisXP <10.0.0 - Blind XML External Entity Attack (CVE-2021-27931) cve/CVE-2021-27931.yaml
NetBiblio WebOPAC - Cross-Site Scripting (CVE-2021-42551) cve/CVE-2021-42551.yaml
Reflected XSS - Telerik Reporting Module (CVE-2017-9140) cve/CVE-2017-9140.yaml
MaxSite CMS Cross-Site Scripting (CVE-2021-35265) cve/CVE-2021-35265.yaml
D-Link DNS-320 - Unauthenticated Remote Code Execution (CVE-2020-25506) cve/CVE-2020-25506.yaml
Cisco CloudCenter Suite (Log4j) - Remote Code Execution (CVE-2021-44228) cve/cisco-cloudcenter-suite-log4j-rce.yaml
Revive Adserver <5.1.0 - Open Redirect (CVE-2021-22873) cve/CVE-2021-22873.yaml
Netmask NPM Package - Server-Side Request Forgery (CVE-2021-28918) cve/CVE-2021-28918.yaml
Vehicle Service Management System 1.0 - Stored Cross Site Scripting (CVE-2021-46069) cve/CVE-2021-46069.yaml
Temenos T24 R20 - Cross-Site Scripting (CVE-2023-24367) cve/CVE-2023-24367.yaml
Joomla! Component AWDwall 1.5.4 - Local File Inclusion (CVE-2010-1494) cve/CVE-2010-1494.yaml
OpenCATS 0.9.6 - Cross-Site Scripting (CVE-2022-43015) cve/CVE-2022-43015.yaml
Jeecg P3 Biz Chat - Local File Inclusion (CVE-2023-33510) cve/CVE-2023-33510.yaml
NexusDB <4.50.23 - Local File Inclusion (CVE-2020-24571) cve/CVE-2020-24571.yaml
WordPress Responsive Vector Maps < 6.4.2 - Arbitrary File Read (CVE-2021-24947) cve/CVE-2021-24947.yaml
IceWarp WebMail 11.4.5.0 - Cross-Site Scripting (CVE-2020-27982) cve/CVE-2020-27982.yaml
Sitecore Experience Platform Pre-Auth RCE (CVE-2021-42237) cve/CVE-2021-42237.yaml
Joomla! Component com_abbrev - Local File Inclusion (CVE-2010-0985) cve/CVE-2010-0985.yaml
Erxes <0.23.0 - Cross-Site Scripting (CVE-2021-32853) cve/CVE-2021-32853.yaml
Alfresco Share - Open Redirect (CVE-2019-14223) cve/CVE-2019-14223.yaml
PHP Proxy 3.0.3 - Local File Inclusion (CVE-2018-19458) cve/CVE-2018-19458.yaml
Sophos Firewall <=18.5 MR3 - Remote Code Execution (CVE-2022-1040) cve/CVE-2022-1040.yaml
GitLab CE/EE - Information Disclosure (CVE-2022-0735) cve/CVE-2022-0735.yaml
Totaljs <3.2.3 - Local File Inclusion (CVE-2019-8903) cve/CVE-2019-8903.yaml
Advantech R-SeeNet - Cross-Site Scripting (CVE-2021-21802) cve/CVE-2021-21802.yaml
DedeCMS 5.7 - Path Disclosure (CVE-2018-6910) cve/CVE-2018-6910.yaml
Apache Struts2 S2-052 - Remote Code Execution (CVE-2017-9805) cve/CVE-2017-9805.yaml
Pre-Auth Takeover of Build Pipelines in GoCD (CVE-2021-43287) cve/CVE-2021-43287.yaml
Cybrotech CyBroHttpServer 1.0.3 - Local File Inclusion (CVE-2018-16133) cve/CVE-2018-16133.yaml
Opencart Divido - Sql Injection (CVE-2018-11231) cve/CVE-2018-11231.yaml
Microsoft FrontPage Extensions Check (shtml.dll) (CVE-2000-0114) cve/CVE-2000-0114.yaml
Caddy 2.4.6 - Open Redirect (CVE-2022-28923) cve/CVE-2022-28923.yaml
Schools Alert Management Script - Arbitrary File Read (CVE-2018-12054) cve/CVE-2018-12054.yaml
VelotiSmart Wifi - Directory Traversal (CVE-2018-14064) cve/CVE-2018-14064.yaml
YouPHPTube Encoder 2.3 - Remote Command Injection (CVE-2019-5127) cve/CVE-2019-5127.yaml
Masa CMS - Authentication Bypass (CVE-2022-47002) cve/CVE-2022-47002.yaml
WordPresss acf-to-rest-api <=3.1.0 - Insecure Direct Object Reference (CVE-2020-13700) cve/CVE-2020-13700.yaml
iSpy 7.2.2.0 - Authentication Bypass (CVE-2022-29775) cve/CVE-2022-29775.yaml
Joomla! Component com_communitypolls 1.5.2 - Local File Inclusion (CVE-2010-1081) cve/CVE-2010-1081.yaml
rConfig <=3.9.4 - SQL Injection (CVE-2020-10549) cve/CVE-2020-10549.yaml
NCBI ToolBox - Directory Traversal (CVE-2018-16716) cve/CVE-2018-16716.yaml
BeyondTrust Secure Remote Access Base <=6.0.1 - Cross-Site Scripting (CVE-2021-31589) cve/CVE-2021-31589.yaml
phpPgAdmin <=4.1.1 - Cross-Site Scripting (CVE-2007-5728) cve/CVE-2007-5728.yaml
Popup by Supsystic <1.10.5 - Cross-Site scripting (CVE-2021-24275) cve/CVE-2021-24275.yaml
WordPress Copyright Proof <=4.16 - Cross-Site-Scripting (CVE-2022-1906) cve/CVE-2022-1906.yaml
Yonyou U8 13.0 - Cross-Site Scripting (CVE-2022-26263) cve/CVE-2022-26263.yaml
Zimbra Collaboration (ZCS) - Cross Site Scripting (CVE-2022-27926) cve/CVE-2022-27926.yaml
WordPress PayPal Pro <1.1.65 - SQL Injection (CVE-2020-14092) cve/CVE-2020-14092.yaml
D-Link Routers - Local File Inclusion (CVE-2018-10822) cve/CVE-2018-10822.yaml
Cisco HyperFlex HX Data Platform - Remote Command Execution (CVE-2021-1498) cve/CVE-2021-1498.yaml
Oracle Access Manager - Remote Code Execution (CVE-2021-35587) cve/CVE-2021-35587.yaml
Apereo CAS Cross-Site Scripting (CVE-2021-42567) cve/CVE-2021-42567.yaml
Nuxeo <10.3 - Remote Code Execution (CVE-2018-16341) cve/CVE-2018-16341.yaml
SolarView Compact <= 6.00 - Local File Inclusion (CVE-2023-29919) cve/CVE-2023-29919.yaml
Confluence Server - Remote Code Execution (CVE-2021-26084) cve/CVE-2021-26084.yaml
XStream 1.4.18 - Arbitrary Code Execution (CVE-2021-39146) cve/CVE-2021-39146.yaml
Wireless Multiplex Terminal Playout Server <=20.2.8 - Default Credential Detection cve/CVE-2020-35338.yaml
RevealJS postMessage <4.3.0 - Cross-Site Scripting (CVE-2022-0776) cve/CVE-2022-0776.yaml
Magmi 0.7.22 - Cross-Site Scripting (CVE-2017-7391) cve/CVE-2017-7391.yaml
Horde/Horde Groupware - Local File Inclusion (CVE-2009-0932) cve/CVE-2009-0932.yaml
DomainMOD 4.11.01 - Cross-Site Scripting (CVE-2018-19749) cve/CVE-2018-19749.yaml
PDF Generator for WordPress < 1.1.2 - Cross Site Scripting (CVE-2022-4321) cve/CVE-2022-4321.yaml
Oracle Fusion Middleware WebCenter Sites 11.1.1.8.0 - Cross-Site Scripting cve/CVE-2018-3238.yaml
Zarafa WebApp <=2.0.1.47791 - Cross-Site Scripting (CVE-2019-7219) cve/CVE-2019-7219.yaml
Django Debug Page - Cross-Site Scripting (CVE-2017-12794) cve/CVE-2017-12794.yaml
Jolokia 1.3.7 - Cross-Site Scripting (CVE-2018-1000129) cve/CVE-2018-1000129.yaml
Adobe ColdFusion - Unrestricted File Upload Remote Code Execution (CVE-2018-15961) cve/CVE-2018-15961.yaml
ifw8 Router ROM v4.31 - Credential Discovery (CVE-2019-16313) cve/CVE-2019-16313.yaml
Cachet <=2.3.18 - SQL Injection (CVE-2021-39165) cve/CVE-2021-39165.yaml
HotelDruid 2.3.0 - Cross-Site Scripting (CVE-2019-8937) cve/CVE-2019-8937.yaml
strapi CMS <3.0.0-beta.17.5 - Admin Password Reset (CVE-2019-18818) cve/CVE-2019-18818.yaml
GenieACS => 1.2.8 - OS Command Injection (CVE-2021-46704) cve/CVE-2021-46704.yaml
Joomla! Component Jphone 1.0 Alpha 3 - Local File Inclusion (CVE-2010-3426) cve/CVE-2010-3426.yaml
Django SQL Injection (CVE-2020-9402) cve/CVE-2020-9402.yaml
Fortinet - Authentication Bypass (CVE-2022-40684) cve/CVE-2022-40684.yaml
Auerswald COMfortel 1400/2600/3600 IP - Authentication Bypass (CVE-2021-40856) cve/CVE-2021-40856.yaml
ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure (CVE-2015-0554) cve/CVE-2015-0554.yaml
WordPress Delightful Downloads Jquery File Tree 2.1.5 - Local File Inclusion cve/CVE-2017-1000170.yaml
Spotweb <= 1.5.1 - Cross Site Scripting (Reflected) (CVE-2021-43725) cve/CVE-2021-43725.yaml
WordPress English Admin <1.5.2 - Open Redirect (CVE-2021-25111) cve/CVE-2021-25111.yaml
Joomla! Harmis Messenger 1.2.2 - Local File Inclusion (CVE-2019-9922) cve/CVE-2019-9922.yaml
TP-Link - OS Command Injection (CVE-2021-41653) cve/CVE-2021-41653.yaml
LabKey Server Community Edition <18.3.0 - Open Redirect (CVE-2019-3912) cve/CVE-2019-3912.yaml
Ruby Dragonfly <1.4.0 - Remote Code Execution (CVE-2021-33564) cve/CVE-2021-33564.yaml
WordPress JoomSport <5.2.8 - SQL Injection (CVE-2022-4050) cve/CVE-2022-4050.yaml
DomainMOD 4.11.01 - Cross-Site Scripting (CVE-2018-20011) cve/CVE-2018-20011.yaml
WordPress Personal Dictionary <1.3.4 - Blind SQL Injection (CVE-2022-1013) cve/CVE-2022-1013.yaml
Apache Airflow - Unauthenticated Variable Import (CVE-2021-38540) cve/CVE-2021-38540.yaml
Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion (CVE-2010-1955) cve/CVE-2010-1955.yaml
Apache OFBiz 17.12.03 - Cross-Site Scripting (CVE-2020-9496) cve/CVE-2020-9496.yaml
WordPress Bello Directory & Listing Theme <1.6.0 - Cross-Site Scripting (CVE-2021-24320) cve/CVE-2021-24320.yaml
HPE Edgeline Infrastructure Manager <1.22 - Authentication Bypass (CVE-2021-29203) cve/CVE-2021-29203.yaml
Oracle Business Intelligence Publisher - XML External Entity Injection (CVE-2019-2767) cve/CVE-2019-2767.yaml
IBM WebSphere HCL Digital Experience - Server-Side Request Forgery (CVE-2021-27748) cve/CVE-2021-27748.yaml
Navigate CMS 2.9.4 - Server-Side Request Forgery (CVE-2022-28117) cve/CVE-2022-28117.yaml
Micro Focus Operations Bridge Reporter - Remote Code Execution (CVE-2021-22502) cve/CVE-2021-22502.yaml
Joomla! Component Web TV 1.0 - Local File Inclusion (CVE-2010-1470) cve/CVE-2010-1470.yaml
SAP NetWeaver AS JAVA 7.30-7.50 - Remote Admin Addition (CVE-2020-6287) cve/CVE-2020-6287.yaml
WordPress Localize My Post 1.0 - Local File Inclusion (CVE-2018-16299) cve/CVE-2018-16299.yaml
WWBN AVideo 11.6 - Cross-Site Scripting (CVE-2022-32771) cve/CVE-2022-32771.yaml
Forescout CounterACT 6.3.4.1 - Open Redirect (CVE-2012-4982) cve/CVE-2012-4982.yaml
Drupal - Remote Code Execution (CVE-2018-7600) cve/CVE-2018-7600.yaml
IceWarp Mail Server <11.1.1 - Directory Traversal (CVE-2015-1503) cve/CVE-2015-1503.yaml
Oracle E-Business Suite <=12.2 - Authentication Bypass (CVE-2022-21500) cve/CVE-2022-21500.yaml
DomainMOD 4.11.01 - Cross-Site Scripting (CVE-2018-19137) cve/CVE-2018-19137.yaml
WordPress W3 Total Cache <2.1.5 - Cross-Site Scripting (CVE-2021-24452) cve/CVE-2021-24452.yaml
Fortinet FortiOS - Open Redirect/Cross-Site Scripting (CVE-2016-3978) cve/CVE-2016-3978.yaml
Joomla! Component Arcade Games 1.0 - Local File Inclusion (CVE-2010-1714) cve/CVE-2010-1714.yaml
WordPress Modern Events Calendar Lite <5.16.5 - Authenticated Arbitrary File cve/CVE-2021-24145.yaml
WordPress CDI <5.1.9 - Cross Site Scripting (CVE-2022-1933) cve/CVE-2022-1933.yaml
vBulletin <= 4.2.3 - SQL Injection (CVE-2016-6195) cve/CVE-2016-6195.yaml
Cisco SD-WAN vManage Software - Local File Inclusion (CVE-2020-26073) cve/CVE-2020-26073.yaml
FortiWeb - Cross-Site Scripting (CVE-2021-22122) cve/CVE-2021-22122.yaml
Cuppa CMS v1.0 - SQL injection (CVE-2022-24264) cve/CVE-2022-24264.yaml
Fortinet FortiOS - Credentials Disclosure (CVE-2018-13379) cve/CVE-2018-13379.yaml
Cisco ASA/FTD Software - Cross-Site Scripting (CVE-2020-3580) cve/CVE-2020-3580.yaml
WordPress WPS Hide Login <1.9.1 - Information Disclosure (CVE-2021-24917) cve/CVE-2021-24917.yaml
Joomla! RSfiles <=1.0.2 - Local File Inclusion (CVE-2007-4504) cve/CVE-2007-4504.yaml
IND780 - Local File Inclusion (CVE-2021-40661) cve/CVE-2021-40661.yaml
Atlassian Jira IconURIServlet - Cross-Site Scripting/Server-Side Request Forgery cve/CVE-2017-9506.yaml
WOOF WordPress plugin - Cross-Site Scripting (CVE-2021-25085) cve/CVE-2021-25085.yaml
WordPress Active Products Tables for WooCommerce <1.0.5 - Cross-Site Scripting cve/CVE-2022-1916.yaml
Onkyo TX-NR585 Web Interface - Directory Traversal (CVE-2020-12447) cve/CVE-2020-12447.yaml
OpenNMS - JNDI Remote Code Execution (Apache Log4j) (CVE-2021-44228) cve/opennms-log4j-jndi-rce.yaml
T24 Web Server - Local File Inclusion (CVE-2019-14251) cve/CVE-2019-14251.yaml
VMware Horizon - JNDI Remote Code Execution (Apache Log4j) (CVE-2021-44228) cve/vmware-horizon-log4j-jndi-rce.yaml
Ulterius Server < 1.9.5.0 - Directory Traversal (CVE-2017-16806) cve/CVE-2017-16806.yaml
Movies <= 0.6 - Cross-Site Scripting (CVE-2014-4539) cve/CVE-2014-4539.yaml
Joomla! MooFAQ 1.0 - Local File Inclusion (CVE-2009-2015) cve/CVE-2009-2015.yaml
Drawio <18.0.4 - Server-Side Request Forgery (CVE-2022-1713) cve/CVE-2022-1713.yaml
Drupal SQL Injection (CVE-2014-3704) cve/CVE-2014-3704.yaml
webEdition 6.3.8.0 - Directory Traversal (CVE-2014-5258) cve/CVE-2014-5258.yaml
Suprema BioStar <2.8.2 - Local File Inclusion (CVE-2020-15050) cve/CVE-2020-15050.yaml
Apache Tomcat - Cross-Site Scripting (CVE-2019-0221) cve/CVE-2019-0221.yaml
WordPress Sniplets <=1.2.2 - Cross-Site Scripting (CVE-2008-1061) cve/CVE-2008-1061.yaml
11in1 CMS 1.2.1 - Local File Inclusion (LFI) (CVE-2012-0996) cve/CVE-2012-0996.yaml
MovableType - Remote Command Injection (CVE-2021-20837) cve/CVE-2021-20837.yaml
WooCommerce Blocks 2.5 to 5.5 - Unauthenticated SQL Injection (CVE-2021-32789) cve/CVE-2021-32789.yaml
Gibbon v25.0.0 - Cross-Site Scripting (CVE-2023-34599) cve/CVE-2023-34599.yaml
WordPress Paytm Payment Gateway <=2.7.3 - SQL Injection (CVE-2022-45805) cve/CVE-2022-45805.yaml
WordPress Permalink Manager <2.2.15 - Cross-Site Scripting (CVE-2022-0201) cve/CVE-2022-0201.yaml
Apache Tomcat - Remote Code Execution (CVE-2017-12617) cve/CVE-2017-12617.yaml
Buffalo WSR-2533DHPL2 - Improper Access Control (CVE-2021-20092) cve/CVE-2021-20092.yaml
WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting (CVE-2016-1000134) cve/CVE-2016-1000134.yaml
FortiGate FortiOS SSL VPN Web Portal - Cross-Site Scripting (CVE-2017-14186) cve/CVE-2017-14186.yaml
ACME mini_httpd <1.30 - Local File Inclusion (CVE-2018-18778) cve/CVE-2018-18778.yaml
STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion (CVE-2023-26255) cve/CVE-2023-26255.yaml
Rukovoditel <= 3.2.1 - Cross Site Scripting (CVE-2022-43170) cve/CVE-2022-43170.yaml
Cisco Unified Communications Manager 7/8/9 - Directory Traversal (CVE-2013-5528) cve/CVE-2013-5528.yaml
Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - Broken Access Control cve/CVE-2019-2578.yaml
myfactory FMS - Cross-Site Scripting (CVE-2021-42565) cve/CVE-2021-42565.yaml
Spring Boot Actuator Logview Directory Traversal (CVE-2021-21234) cve/CVE-2021-21234.yaml
WordPress Zip Attachments <= 1.1.4 - Arbitrary File Retrieval (CVE-2015-4694) cve/CVE-2015-4694.yaml
WordPress Skaut Bazar <1.3.3 - Cross-Site Scripting (CVE-2021-34643) cve/CVE-2021-34643.yaml
Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense cve/CVE-2020-3187.yaml
Cisco vManage (Log4j) - Remote Code Execution (CVE-2021-44228) cve/cisco-vmanage-log4j.yaml
Apache Solr <=8.3.1 - Remote Code Execution (CVE-2019-17558) cve/CVE-2019-17558.yaml
Joomla! Component Canteen 1.0 - Local File Inclusion (CVE-2010-4977) cve/CVE-2010-4977.yaml
BuddyPress REST API <7.2.1 - Privilege Escalation/Remote Code Execution (CVE-2021-21389) cve/CVE-2021-21389.yaml
External Media without Import <=1.1.2 - Authenticated Blind Server-Side Request cve/CVE-2022-1398.yaml
Keycloak <= 12.0.1 - request_uri Blind Server-Side Request Forgery (SSRF) cve/CVE-2020-10770.yaml
BigAnt Server v5.6.06 - Local File Inclusion (CVE-2022-23347) cve/CVE-2022-23347.yaml
Ncomputing vSPace Pro 10 and 11 - Directory Traversal (CVE-2018-10201) cve/CVE-2018-10201.yaml
phpMyAdmin < 5.1.2 - Cross-Site Scripting (CVE-2022-23808) cve/CVE-2022-23808.yaml
WAVLINK WN530HG4 - Improper Access Control (CVE-2022-34049) cve/CVE-2022-34049.yaml
IceWarp Mail Server - Open Redirect (CVE-2021-36580) cve/CVE-2021-36580.yaml
WordPress Car Repair Services & Auto Mechanic Theme <4.0 - Cross-Site Scripting cve/CVE-2021-24335.yaml
Simple File List < 4.4.12 - Cross Site Scripting (CVE-2022-3062) cve/CVE-2022-3062.yaml
VMware HCX - Remote Code Execution (Apache Log4j) (CVE-2021-44228) cve/vmware-hcx-log4j.yaml
WP Planet <= 0.1 - Cross-Site Scripting (CVE-2014-4592) cve/CVE-2014-4592.yaml
74cms - ajax_officebuilding.php SQL Injection (CVE-2020-22210) cve/CVE-2020-22210.yaml
Ivanti EPM Cloud Services Appliance Code Injection (CVE-2021-44529) cve/CVE-2021-44529.yaml
SCIMono <0.0.19 - Remote Code Execution (CVE-2021-21479) cve/CVE-2021-21479.yaml
Contao <4.13.3 - Cross-Site Scripting (CVE-2022-24899) cve/CVE-2022-24899.yaml
DedeCMS 5.7SP2 - Cross-Site Request Forgery/Remote Code Execution (CVE-2018-7700) cve/CVE-2018-7700.yaml
OpenSymphony XWork/Apache Struts2 - Remote Code Execution (CVE-2007-4556) cve/CVE-2007-4556.yaml
DomainMOD 4.11.01 - Cross-Site Scripting (CVE-2018-19751) cve/CVE-2018-19751.yaml
Apache Superset - Authentication Bypass (CVE-2023-27524) cve/CVE-2023-27524.yaml
CData RSB Connect v22.0.8336 - Server Side Request Forgery (CVE-2023-24243) cve/CVE-2023-24243.yaml
WordPress Plugin Advanced Dewplayer 1.2 - Directory Traversal (CVE-2013-7240) cve/CVE-2013-7240.yaml
WordPress PhonePe Payment Solutions <=1.0.15 - Server-Side Request Forgery cve/CVE-2022-45835.yaml
myfactory FMS - Cross-Site Scripting (CVE-2021-42566) cve/CVE-2021-42566.yaml
Vehicle Service Management System 1.0 - Cross Site Scripting (CVE-2021-46073) cve/CVE-2021-46073.yaml
WordPress Easy Social Icons Plugin < 3.0.9 - Cross-Site Scripting (CVE-2021-39322) cve/CVE-2021-39322.yaml
Wowza Streaming Engine Manager 4.7.4.01 - Directory Traversal (CVE-2018-19365) cve/CVE-2018-19365.yaml
XStream <1.4.17 - Remote Code Execution (CVE-2021-29505) cve/CVE-2021-29505.yaml
GLPI <9.4.6 - Open Redirect (CVE-2020-11034) cve/CVE-2020-11034.yaml
Webmin <1.990 - Improper Access Control (CVE-2022-0824) cve/CVE-2022-0824.yaml
OpenCATS - Open Redirect (CVE-2023-27292) cve/CVE-2023-27292.yaml
twitter-server Cross-Site Scripting (CVE-2020-35774) cve/CVE-2020-35774.yaml
Fortra GoAnywhere MFT - Remote Code Execution (CVE-2023-0669) cve/CVE-2023-0669.yaml
D-Link DAP-1620 - Local File Inclusion (CVE-2021-46381) cve/CVE-2021-46381.yaml
Apache Struts2 S2-053 - Remote Code Execution (CVE-2017-12611) cve/CVE-2017-12611.yaml
BigAnt Server 5.6.06 - Improper Access Control (CVE-2022-23348) cve/CVE-2022-23348.yaml
Openemr < 7.0.0.1 - Cross-Site Scripting (CVE-2022-2733) cve/CVE-2022-2733.yaml
WSO2 - Cross-Site Scripting (CVE-2022-29548) cve/CVE-2022-29548.yaml
WordPress Simple Ajax Chat <20220116 - Sensitive Information Disclosure vulnerability cve/CVE-2022-27849.yaml
Microweber <1.1.20 - Information Disclosure (CVE-2020-13405) cve/CVE-2020-13405.yaml
Microweber <1.2.12 - Integer Overflow (CVE-2022-0968) cve/CVE-2022-0968.yaml
HP System Management Homepage (SMH) v2.x.x.x - Open Redirect (CVE-2010-1586) cve/CVE-2010-1586.yaml
Belkin N150 Router 1.00.08/1.00.09 - Path Traversal (CVE-2014-2962) cve/CVE-2014-2962.yaml
DVDFab 12 Player/PlayerFab - Local File Inclusion (CVE-2022-25216) cve/CVE-2022-25216.yaml
WordPress Post Grid <2.1.8 - Cross-Site Scripting (CVE-2021-24488) cve/CVE-2021-24488.yaml
Inspur ClusterEngine 4.0 - Remote Code Execution (CVE-2020-21224) cve/CVE-2020-21224.yaml
ZZcms - Cross-Site Scripting (CVE-2020-20285) cve/CVE-2020-20285.yaml
WordPress Mapping Multiple URLs Redirect Same Page <=5.8 - Cross-Site Scripting cve/CVE-2022-0599.yaml
Jira Improper Authorization (CVE-2019-8446) cve/CVE-2019-8446.yaml
Zyxel VMG1312-B10D 5.13AAXA.8 - Local File Inclusion (CVE-2018-19326) cve/CVE-2018-19326.yaml
WAPPLES Web Application Firewall <=6.0 - Hardcoded Credentials (CVE-2022-35413) cve/CVE-2022-35413.yaml
pfSense pfBlockerNG <=2.1..4_26 - OS Command Injection (CVE-2022-31814) cve/CVE-2022-31814.yaml
WordPress Jannah Theme <5.4.5 - Cross-Site Scripting (CVE-2021-24407) cve/CVE-2021-24407.yaml
Orange Forum 1.4.0 - Open Redirect (CVE-2018-14474) cve/CVE-2018-14474.yaml
WordPress Booking Calendar <3.2.2 - Arbitrary File Upload (CVE-2022-3982) cve/CVE-2022-3982.yaml
Elasticsearch 5 - Remote Code Execution (Apache Log4j) (CVE-2021-44228) cve/elasticsearch5-log4j-rce.yaml
Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting (CVE-2018-10141) cve/CVE-2018-10141.yaml
Sourcecodester Car Rental Management System 1.0 - Stored Cross-Site Scripting cve/CVE-2021-46005.yaml
JFrog Artifactory 6.7.3 - Admin Login Bypass (CVE-2019-9733) cve/CVE-2019-9733.yaml
Joomla! Component PicSell 1.0 - Arbitrary File Retrieval (CVE-2010-3203) cve/CVE-2010-3203.yaml
Jeecg-boot 3.5.0 qurestSql - SQL Injection (CVE-2023-1454) cve/CVE-2023-1454.yaml
WordPress StageShow <5.0.9 - Open Redirect (CVE-2015-5461) cve/CVE-2015-5461.yaml
Joomla! ProDesk 1.0/1.2 - Local File Inclusion (CVE-2008-6222) cve/CVE-2008-6222.yaml
SkyWalking SQLI (CVE-2020-9483) cve/CVE-2020-9483.yaml
Ericsson Drutt MSDP - Local File Inclusion (CVE-2015-2166) cve/CVE-2015-2166.yaml
Joomla! Component Percha Fields Attach 1.0 - Directory Traversal (CVE-2010-2036) cve/CVE-2010-2036.yaml
Directorist < 7.5.4 - Local File Inclusion (CVE-2023-2252) cve/CVE-2023-2252.yaml
LearnPress <4.1.6 - Cross-Site Scripting (CVE-2022-0271) cve/CVE-2022-0271.yaml
PhpColl 2.5.1 Arbitrary File Upload (CVE-2017-6090) cve/CVE-2017-6090.yaml
Joomla! Component DW Graph - Local File Inclusion (CVE-2010-1302) cve/CVE-2010-1302.yaml
MOVEit Transfer - SQL Injection (CVE-2023-36934) cve/CVE-2023-36934.yaml
WordPress eaSYNC Booking <1.1.16 - Arbitrary File Upload (CVE-2022-1952) cve/CVE-2022-1952.yaml
eMerge E3 1.00-06 - Local File Inclusion (CVE-2019-7254) cve/CVE-2019-7254.yaml
Nagios XI 5.7.5 - Cross-Site Scripting (CVE-2021-25299) cve/CVE-2021-25299.yaml
DedeCMS 5.7 SP2 - Cross-Site Scripting (CVE-2018-18608) cve/CVE-2018-18608.yaml
WordPress ProfilePress 3.0.0-3.1.3 - Admin User Creation Weakness (CVE-2021-34621) cve/CVE-2021-34621.yaml
Apache Airflow <1.10.14 - Authentication Bypass (CVE-2020-17526) cve/CVE-2020-17526.yaml
Atlassian Jira Limited - Local File Inclusion (CVE-2021-26086) cve/CVE-2021-26086.yaml
Hitachi Vantara Pentaho/Business Intelligence Server - Authentication Bypass cve/CVE-2021-31602.yaml
Joomla! Component Preventive And Reservation 1.0.5 - Local File Inclusion cve/CVE-2010-1475.yaml
CMSimple 3.1 - Local File Inclusion (CVE-2008-2650) cve/CVE-2008-2650.yaml
Wordpress Quiz and Survey Master <7.0.1 - Arbitrary File Deletion (CVE-2020-35951) cve/CVE-2020-35951.yaml
Flyte Console <0.52.0 - Server-Side Request Forgery (CVE-2022-24856) cve/CVE-2022-24856.yaml
Grafana Unauthenticated Snapshot Creation (CVE-2021-27358) cve/CVE-2021-27358.yaml
Spring Data Commons - Remote Code Execution (CVE-2018-1273) cve/CVE-2018-1273.yaml
WordPress Elementor Lite 5.7.1 - Arbitrary Password Reset (CVE-2023-32243) cve/CVE-2023-32243.yaml
VMware Site Recovery Manager - Remote Code Execution (Apache Log4j) (CVE-2021-44228) cve/vmware-siterecovery-log4j-rce.yaml
Geutebruck - Remote Command Injection (CVE-2021-33544) cve/CVE-2021-33544.yaml
Apache Tomcat - Open Redirect (CVE-2018-11784) cve/CVE-2018-11784.yaml
WordPress WP-Ban <1.69.1 - Stored Cross-Site Scripting (CVE-2022-4260) cve/CVE-2022-4260.yaml
phpShowtime 2.0 - Directory Traversal (CVE-2010-4282) cve/CVE-2010-4282.yaml
WordPress Essential Real Estate <3.9.6 - Authenticated Cross-Site Scripting cve/CVE-2022-3933.yaml
CirCarLife <4.3 - Improper Authentication (CVE-2018-16668) cve/CVE-2018-16668.yaml
Cisco Small Business 200300 and 500 Series Switches - Open Redirect (CVE-2019-1943) cve/CVE-2019-1943.yaml
Virtua Software Cobranca <12R - Blind SQL Injection (CVE-2021-37589) cve/CVE-2021-37589.yaml
Joomla! Component User Status - Local File Inclusion (CVE-2010-1304) cve/CVE-2010-1304.yaml
Cisco Unified IP Conference Station 7937G - Denial-of-Service (CVE-2020-16139) cve/CVE-2020-16139.yaml
Visual Tools DVR VX16 4.2.28.0 - Unauthenticated OS Command Injection (CVE-2021-42071) cve/CVE-2021-42071.yaml
STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion (CVE-2023-26256) cve/CVE-2023-26256.yaml
WordPress Plugin Age Verification v0.4 - Open Redirect (CVE-2012-6499) cve/CVE-2012-6499.yaml
Zyxel ZyWall UAG/USG - Account Creation Access (CVE-2019-12583) cve/CVE-2019-12583.yaml
Resourcespace - Cross-Site Scripting (CVE-2021-41951) cve/CVE-2021-41951.yaml
Jenkins build-metrics 1.3 - Cross-Site Scripting (CVE-2019-10475) cve/CVE-2019-10475.yaml
vBulletin <= 5.6.9 - Pre-authentication Remote Code Execution (CVE-2023-25135) cve/CVE-2023-25135.yaml
Oracle WebLogic Server Administration Console - Remote Code Execution (CVE-2019-2729) cve/CVE-2019-2729.yaml
Grav <1.7 - Open Redirect (CVE-2020-11529) cve/CVE-2020-11529.yaml
D-Link DCS-2530L/DCS-2670L - Administrator Password Disclosure (CVE-2020-25078) cve/CVE-2020-25078.yaml
Joomla! Component Affiliate Datafeeds 880 - Local File Inclusion (CVE-2010-1979) cve/CVE-2010-1979.yaml
Verint Workforce Optimization 15.2.8.10048 - Cross-Site Scripting (CVE-2021-36450) cve/CVE-2021-36450.yaml
Zimbra Collaboration Suite < 8.8.15 Patch 7 - Server-Side Request Forgery cve/CVE-2020-7796.yaml
OpenSMTPD 6.4.0-6.6.1 - Remote Code Execution (CVE-2020-7247) cve/CVE-2020-7247.yaml
WordPress Gwyn's Imagemap Selector <=0.3.3 - Cross-Site Scripting (CVE-2022-1221) cve/CVE-2022-1221.yaml
ZK Framework - Information Disclosure (CVE-2022-36537) cve/CVE-2022-36537.yaml
Genie Access WIP3BVAF IP Camera - Local File Inclusion (CVE-2019-7315) cve/CVE-2019-7315.yaml
Canvas LMS v2020-07-29 - Blind Server-Side Request Forgery (CVE-2020-5775) cve/CVE-2020-5775.yaml
Atlassian Jira <7.13.3/8.0.0-8.1.1 - Incorrect Authorization (CVE-2019-3401) cve/CVE-2019-3401.yaml
Satellian Intellian Aptus Web <= 1.24 - Remote Command Execution (CVE-2020-7980) cve/CVE-2020-7980.yaml
SysAid Help Desk <15.2 - Local File Inclusion (CVE-2015-2996) cve/CVE-2015-2996.yaml
Planon <Live Build 41 - Cross-Site Scripting (CVE-2018-18570) cve/CVE-2018-18570.yaml
GRAND FlAGallery 1.57 - Cross-Site Scripting (CVE-2011-4624) cve/CVE-2011-4624.yaml
Microsoft SQL Server Reporting Services - Remote Code Execution (CVE-2020-0618) cve/CVE-2020-0618.yaml
GLPI <=10.0.2 - Remote Command Execution (CVE-2022-35914) cve/CVE-2022-35914.yaml
Jenzabar 9.2x-9.2.2 - Cross-Site Scripting (CVE-2021-26723) cve/CVE-2021-26723.yaml
Joomla! Percha Categories Tree 0.6 - Local File Inclusion (CVE-2010-2033) cve/CVE-2010-2033.yaml
Belkin Linksys RE6500 <1.0.012.001 - Remote Command Execution (CVE-2020-35713) cve/CVE-2020-35713.yaml
Spotweb <= 1.5.1 - Cross Site Scripting (CVE-2021-40970) cve/CVE-2021-40970.yaml
Rukovoditel <= 3.2.1 - Cross Site Scripting (CVE-2022-43165) cve/CVE-2022-43165.yaml
WordPress The Plus Addons for Elementor <4.1.12 - Cross-Site Scripting (CVE-2021-24351) cve/CVE-2021-24351.yaml
ZZZCMS 1.6.1 - Remote Code Execution (CVE-2019-9041) cve/CVE-2019-9041.yaml
WooCommerce Swipe <= 2.7.1 - Cross-Site Scripting (CVE-2014-4558) cve/CVE-2014-4558.yaml
Palo Alto Network PAN-OS - Remote Code Execution (CVE-2017-15944) cve/CVE-2017-15944.yaml
CHIYU TCP/IP Converter - Cross-Site Scripting (CVE-2021-31250) cve/CVE-2021-31250.yaml
Kaseya Virtual System Administrator - Open Redirect (CVE-2015-2863) cve/CVE-2015-2863.yaml
WooCommerce Stored Exporter WordPress Plugin < 2.7.1 - Cross-Site Scripting cve/CVE-2022-0149.yaml
WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting (CVE-2013-4625) cve/CVE-2013-4625.yaml
WordPress Modern Events Calendar Lite <5.16.5 - Sensitive Information Disclosure cve/CVE-2021-24146.yaml
TermTalk Server 3.24.0.2 - Local File Inclusion (CVE-2021-35380) cve/CVE-2021-35380.yaml
Opsview Monitor Pro - Open Redirect (CVE-2016-10368) cve/CVE-2016-10368.yaml
Haraj 3.7 - Cross-Site Scripting (CVE-2022-31299) cve/CVE-2022-31299.yaml
WordPress Title Experiments Free <9.0.1 - SQL Injection (CVE-2022-0784) cve/CVE-2022-0784.yaml
Cobbler - Authentication Bypass (CVE-2018-1000226) cve/CVE-2018-1000226.yaml
Piano LED Visualizer 1.3 - Local File Inclusion (CVE-2022-24900) cve/CVE-2022-24900.yaml
TP-LINK - Local File Inclusion (CVE-2015-3035) cve/CVE-2015-3035.yaml
Elementor Website Builder - Remote Code Execution (CVE-2022-1329) cve/CVE-2022-1329.yaml
D-Link Routers - Remote Command Injection (CVE-2018-10823) cve/CVE-2018-10823.yaml
SecurePoint UTM 12.x Session ID Leak (CVE-2023-22620) cve/CVE-2023-22620.yaml
Aryanic HighMail (High CMS) - Cross-Site Scripting (CVE-2020-23517) cve/CVE-2020-23517.yaml
SAP Solution Manager 7.2 - Remote Command Execution (CVE-2020-6207) cve/CVE-2020-6207.yaml
EPrints 3.4.2 - Cross-Site Scripting (CVE-2021-26702) cve/CVE-2021-26702.yaml
WordPress HTML2WP <=1.0.0 - Arbitrary File Upload (CVE-2022-1574) cve/CVE-2022-1574.yaml
Dapr Dashboard 0.1.0-0.10.0 - Improper Access Control (CVE-2022-38817) cve/CVE-2022-38817.yaml
PMB 7.4.6 - Open Redirect (CVE-2023-24735) cve/CVE-2023-24735.yaml
ThinkPHP 5.0.24 - Information Disclosure (CVE-2022-25481) cve/CVE-2022-25481.yaml
D-Link DIR-816L - Improper Access Control (CVE-2022-28955) cve/CVE-2022-28955.yaml
Mastodon Prototype Pollution Vulnerability (CVE-2022-0432) cve/CVE-2022-0432.yaml
PhpMyAdmin Scripts - Remote Code Execution (CVE-2009-1151) cve/CVE-2009-1151.yaml
Joomla! Component JE Job 1.0 - Local File Inclusion (CVE-2010-5028) cve/CVE-2010-5028.yaml
WordPress WPvivid Backup <0.9.76 - Local File Inclusion (CVE-2022-2863) cve/CVE-2022-2863.yaml
PRTG Network Monitor <20.1.57.1745 - Information Disclosure (CVE-2020-11547) cve/CVE-2020-11547.yaml
Membership Database <= 1.0 - Cross-Site Scripting (CVE-2023-0514) cve/CVE-2023-0514.yaml
Apache Tapestry - Remote Code Execution (CVE-2021-27850) cve/CVE-2021-27850.yaml
ZeroShell <= 1.0beta11 Remote Code Execution (CVE-2009-0545) cve/CVE-2009-0545.yaml
Kyocera Printer d-COPIA253MF - Directory Traversal (CVE-2020-23575) cve/CVE-2020-23575.yaml
Rukovoditel <= 3.2.1 - Cross-Site Scripting (CVE-2022-44946) cve/CVE-2022-44946.yaml
Extreme Management Center 8.4.1.24 - Cross-Site Scripting (CVE-2020-13820) cve/CVE-2020-13820.yaml
SMTP WP Plugin Directory Listing (CVE-2020-35234) cve/CVE-2020-35234.yaml
Microweber <1.2.11 - Information Disclosure (CVE-2022-0660) cve/CVE-2022-0660.yaml
Joomla! Component JRadio - Local File Inclusion (CVE-2010-4719) cve/CVE-2010-4719.yaml
Windows Server 2003 & IIS 6.0 - Remote Code Execution (CVE-2017-7269) cve/CVE-2017-7269.yaml
WordPress Redux Framework <=4.2.11 - Information Disclosure (CVE-2021-38314) cve/CVE-2021-38314.yaml
node-srv - Local File Inclusion (CVE-2018-3714) cve/CVE-2018-3714.yaml
Show all comments < 7.0.1 - Cross-Site Scripting (CVE-2022-4295) cve/CVE-2022-4295.yaml
Rukovoditel <= 3.2.1 - Cross Site Scripting (CVE-2022-44950) cve/CVE-2022-44950.yaml
emlog 5.3.1 Path Disclosure (CVE-2021-3293) cve/CVE-2021-3293.yaml
WordPress Modern Events Calendar <6.1.5 - Blind SQL Injection (CVE-2021-24946) cve/CVE-2021-24946.yaml
Frontend Uploader <= 0.9.2 - Cross-Site Scripting (CVE-2014-9444) cve/CVE-2014-9444.yaml
ECOA Building Automation System - Arbitrary File Retrieval (CVE-2021-41293) cve/CVE-2021-41293.yaml
WordPress Master Elements <=8.0 - SQL Injection (CVE-2022-0693) cve/CVE-2022-0693.yaml
Jenkins - Remote Command Injection (CVE-2018-1000861) cve/CVE-2018-1000861.yaml
JamF (Log4j) - Remote Code Execution (CVE-2021-44228) cve/jamf-log4j-jndi-rce.yaml
WordPress eCommerce Product Catalog <3.0.39 - Cross-Site Scripting (CVE-2021-24875) cve/CVE-2021-24875.yaml
Camtron CMNC-200 IP Camera - Directory Traversal (CVE-2010-4231) cve/CVE-2010-4231.yaml
Spring Cloud - Remote Code Execution (CVE-2022-22963) cve/CVE-2022-22963.yaml
MySQLDumper 1.24.4 - Directory Traversal (CVE-2012-4253) cve/CVE-2012-4253.yaml
OURPHP <= 7.2.0 - Cross Site Scripting (CVE-2023-30212) cve/CVE-2023-30212.yaml
WordPress Plugin Download Monitor < 3.3.5.9 - Cross-Site Scripting (CVE-2012-4768) cve/CVE-2012-4768.yaml
WordPress Pricing Deals for WooCommerce <=2.0.2.02 - SQL Injection (CVE-2022-1057) cve/CVE-2022-1057.yaml
Fortinet FortiOS - Cross-Site Scripting (CVE-2018-13380) cve/CVE-2018-13380.yaml
Node.js st module Directory Traversal (CVE-2014-3744) cve/CVE-2014-3744.yaml
LG-Ericsson iPECS NMS 30M - Local File Inclusion (CVE-2018-15138) cve/CVE-2018-15138.yaml
Cuppa CMS v1.0 - Local File Inclusion (CVE-2022-25486) cve/CVE-2022-25486.yaml
Joomla! Component NoticeBoard 1.3 - Local File Inclusion (CVE-2010-1658) cve/CVE-2010-1658.yaml
D-Link DIR-868L/817LW - Information Disclosure (CVE-2019-17506) cve/CVE-2019-17506.yaml
Labstack Echo 4.8.0 - Open Redirect (CVE-2022-40083) cve/CVE-2022-40083.yaml
WordPress File Manager Plugin - Remote Code Execution (CVE-2020-25213) cve/CVE-2020-25213.yaml
Opensis-Classic 8.0 - Cross-Site Scripting (CVE-2021-40542) cve/CVE-2021-40542.yaml
Wing FTP 6.4.4 - Cross-Site Scripting (CVE-2020-27735) cve/CVE-2020-27735.yaml
Jira < 8.1.1 - Cross-Site Scripting (CVE-2019-3402) cve/CVE-2019-3402.yaml
Oracle WebLogic Server - Remote Code Execution (CVE-2020-2551) cve/CVE-2020-2551.yaml
ClickDesk Live Support Live Chat 2.0 - Cross-Site Scripting (CVE-2011-5181) cve/CVE-2011-5181.yaml
Lotus Core CMS 1.0.1 - Local File Inclusion (CVE-2020-8641) cve/CVE-2020-8641.yaml
SAP Knowledge Warehouse <=7.5.0 - Cross-Site Scripting (CVE-2021-42063) cve/CVE-2021-42063.yaml
NewStatPress <0.9.9 - Cross-Site Scripting (CVE-2015-4063) cve/CVE-2015-4063.yaml
VoipMonitor - Pre-Auth SQL Injection (CVE-2022-24260) cve/CVE-2022-24260.yaml
Online Birth Certificate System 1.2 - Stored Cross-Site Scripting (CVE-2022-29005) cve/CVE-2022-29005.yaml
Spring Security OAuth2 Remote Command Execution (CVE-2016-4977) cve/CVE-2016-4977.yaml
Cofax <=2.0RC3 - Cross-Site Scripting (CVE-2005-4385) cve/CVE-2005-4385.yaml
Apache ShardingSphere ElasticJob-UI privilege escalation (CVE-2022-22733) cve/CVE-2022-22733.yaml
Online Fire Reporting System v1.0 - SQL injection (CVE-2022-31974) cve/CVE-2022-31974.yaml
WordPress Event Tickets < 5.2.2 - Open Redirect (CVE-2021-25028) cve/CVE-2021-25028.yaml
Imgproxy <= 3.14.0 - Server-side request forgery (SSRF) (CVE-2023-30019) cve/CVE-2023-30019.yaml
GitList < 0.6.0 Remote Code Execution (CVE-2018-1000533) cve/CVE-2018-1000533.yaml
VMware vCenter Server - Arbitrary File Upload (CVE-2021-22005) cve/CVE-2021-22005.yaml
Oracle Business Intelligence - Path Traversal (CVE-2019-2588) cve/CVE-2019-2588.yaml
Artica Proxy Community Edition <4.30.000000 - Local File Inclusion (CVE-2020-13158) cve/CVE-2020-13158.yaml
Joomla! Component RWCards 3.0.11 - Local File Inclusion (CVE-2008-6172) cve/CVE-2008-6172.yaml
Atmail 6.5.0 - Cross-Site Scripting (CVE-2021-43574) cve/CVE-2021-43574.yaml
WebPort 1.19.1 - Cross-Site Scripting (CVE-2019-12461) cve/CVE-2019-12461.yaml
Oracle WebLogic Server - Remote Command Execution (CVE-2019-2725) cve/CVE-2019-2725.yaml
WordPress JSmol2WP <=1.07 - Cross-Site Scripting (CVE-2018-20462) cve/CVE-2018-20462.yaml
Oracle Forms & Reports RCE (CVE-2012-3152 & CVE-2012-3153) (CVE-2012-3153) cve/CVE-2012-3153.yaml
Joomla! <=2.0.0 RC2 - Local File Inclusion (CVE-2008-4764) cve/CVE-2008-4764.yaml
VMWare Workspace ONE UEM - Server-Side Request Forgery (CVE-2021-22054) cve/CVE-2021-22054.yaml
WordPress Stop User Enumeration <=1.3.7 - Cross-Site Scripting (CVE-2017-18536) cve/CVE-2017-18536.yaml
SAP Memory Pipes (MPI) Desynchronization (CVE-2022-22536) cve/CVE-2022-22536.yaml
Detect SSL Certificate Issuer ssl/metasploit-c2.yaml
Covenant C2 SSL - Detect ssl/covenant-c2-ssl.yaml
ShadowPad C2 Infrastructure - Detect ssl/shadowpad-c2.yaml
Kubernetes Fake Ingress Certificate - Detect ssl/kubernetes-fake-certificate.yaml
Expired SSL Certificate ssl/expired-ssl.yaml
TLS Version - Detect ssl/tls-version.yaml
Weak Cipher Suites Detection ssl/weak-cipher-suites.yaml
Cobalt Strike C2 - Detect ssl/cobalt-strike-c2.yaml
AsyncRAT C2 - Detect ssl/asyncrat-c2.yaml
Revoked SSL Certificate - Detect ssl/revoked-ssl-certificate.yaml
OrcusRAT - Detect ssl/orcus-rat-c2.yaml
Untrusted Root Certificate - Detect ssl/untrusted-root-certificate.yaml
Gozi Malware - Detect ssl/gozi-malware.yaml
Self Signed SSL Certificate ssl/self-signed-ssl.yaml
DcRat Server C2 - Detect ssl/dcrat-server-c2.yaml
Posh C2 - Detect ssl/posh-c2.yaml
Quasar RAT C2 SSL Certificate - Detect ssl/quasar-rat-c2.yaml
IcedID Infrastructure - Detect ssl/icedid.yaml
Deprecated TLS Detection (TLS 1.1 or SSLv3) ssl/deprecated-tls.yaml
Insecure Cipher Suite Detection ssl/insecure-cipher-suite-detect.yaml
Bitrat C2 - Detect ssl/bitrat-c2.yaml
CNAME Detect Dangling dns/detect-dangling-cname.yaml
DNS WAF Detection dns/dns-waf-detect.yaml
CNAME Service Detection dns/cname-service.yaml
DNS TXT Record Detected dns/txt-fingerprint.yaml
Detect DNS over HTTPS dns/detect-dns-over-https.yaml
AWS EC2 Detection dns/ec2-detection.yaml
CNAME Fingerprint dns/cname-fingerprint.yaml
CAA Record dns/caa-fingerprint.yaml
NS Record Detection dns/nameserver-fingerprint.yaml
Worksites.net Service Detection dns/worksites-detection.yaml
Microsoft Azure Takeover Detection dns/azure-takeover-detection.yaml
Email Service Detector dns/mx-service-detector.yaml
DNS DMARC - Detect dns/dmarc-detect.yaml
PTR Detected dns/ptr-fingerprint.yaml
DNSSEC Detection dns/dnssec-detection.yaml
MX Record Detection dns/mx-fingerprint.yaml
DNS Servfail Host Finder dns/servfail-refused-hosts.yaml
ElasticBeanTalk Subdomain Takeover Detection dns/elasticbeantalk-takeover.yaml
Spoofable SPF Records with PTR Mechanism dns/spoofable-spf-records-ptr.yaml

    Did this answer your question?