Vulnerabilities with Nuclei Scanner Templates

Updated 2h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

346,402 CVEs tracked 53,629 with exploits 4,859 exploited in wild 1,583 CISA KEV 4,077 Nuclei templates 52,301 vendors 43,863 researchers
4,077 results Clear all
CVE-2018-1217 9.8 CRITICAL EXPLOITED 1 PoC Analysis NUCLEI EPSS 0.66
Dell Emc Avamar - Missing Authorization
Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, and 7.5.0, and Dell EMC Integrated Data Protection Appliance 2.0 and 2.1, is affected by a missing access control check vulnerability which could potentially allow a remote unauthenticated attacker to read or change the Local Download Service (LDLS) credentials. The LDLS credentials are used to connect to Dell EMC Online Support. If the LDLS configuration was changed to an invalid configuration, then Avamar Installation Manager may not be able to connect to Dell EMC Online Support web site successfully. The remote unauthenticated attacker can also read and use the credentials to login to Dell EMC Online Support, impersonating the AVI service actions using those credentials.
CWE-862 Apr 09, 2018
CVE-2018-1271 5.9 MEDIUM NUCLEI EPSS 0.91
Vmware Spring Framework < 4.3.15 - Path Traversal
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). When static resources are served from a file system on Windows (as opposed to the classpath, or the ServletContext), a malicious user can send a request using a specially crafted URL that can lead a directory traversal attack.
CWE-22 Apr 06, 2018
CVE-2018-8719 5.3 MEDIUM 1 PoC Analysis NUCLEI EPSS 0.15
WP Security Audit Log <3.1.1 - Info Disclosure
An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp-content/uploads/wp-security-audit-log/* files is not restricted. For example, these files are indexed by Google and allows for attackers to possibly find sensitive information.
CWE-532 Apr 04, 2018
CVE-2018-9205 7.5 HIGH EXPLOITED 1 PoC Analysis NUCLEI EPSS 0.81
Drupal Avatar Uploader - Path Traversal
Vulnerability in avatar_uploader v7.x-1.0-beta8 , The code in view.php doesn't verify users or sanitize the file path.
CWE-22 Apr 04, 2018
CVE-2018-9161 9.8 CRITICAL 1 PoC Analysis NUCLEI EPSS 0.55
Prismaindustriale Checkweigher Prismaweb - Hard-coded Credentials
Prisma Industriale Checkweigher PrismaWEB 1.21 allows remote attackers to discover the hardcoded prisma password for the prismaweb account by reading user/scripts/login_par.js.
CWE-798 Mar 31, 2018
CVE-2018-7600 9.8 CRITICAL KEV RANSOMWARE 64 PoCs Analysis NUCLEI EPSS 0.94
Drupal Drupalgeddon 2 Forms API Property Injection
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
CWE-20 Mar 29, 2018
CVE-2018-8823 9.8 CRITICAL NUCLEI EPSS 0.90
Responsive Mega Menu <1.7.2.5 - RCE
modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu (Horizontal+Vertical+Dropdown) Pro module 1.0.32 for PrestaShop 1.5.5.0 through 1.7.2.5 allows remote attackers to execute arbitrary PHP code via the code parameter.
CWE-94 Mar 28, 2018
CVE-2018-7700 8.8 HIGH EXPLOITED NUCLEI EPSS 0.93
Dedecms - CSRF
DedeCMS 5.7 has CSRF with an impact of arbitrary code execution, because the partcode parameter in a tag_test_action.php request can specify a runphp field in conjunction with PHP code.
CWE-352 Mar 27, 2018
CVE-2018-7196 6.1 MEDIUM NUCLEI EPSS 0.01
Osticket < 1.10.1 - XSS
Cross-site scripting (XSS) vulnerability in /scp/index.php in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "sort" parameter.
CWE-79 Mar 27, 2018
CVE-2018-7193 6.1 MEDIUM NUCLEI EPSS 0.01
Osticket < 1.10.1 - XSS
Cross-site scripting (XSS) vulnerability in /scp/directory.php in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "order" parameter.
CWE-79 Mar 27, 2018
CVE-2018-7192 6.1 MEDIUM NUCLEI EPSS 0.00
Osticket < 1.10.1 - XSS
Cross-site scripting (XSS) vulnerability in /ajax.php/form/help-topic in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "message" parameter.
CWE-79 Mar 27, 2018
CVE-2018-6882 6.1 MEDIUM KEV RANSOMWARE NUCLEI EPSS 0.80
Synacor Zimbra Collaboration Suite < 8.7.0 - XSS
Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 Patch 1 and 8.8.x before 8.8.7 might allow remote attackers to inject arbitrary web script or HTML via a Content-Location header in an email attachment.
CWE-79 Mar 27, 2018
CVE-2018-7719 7.5 HIGH 1 PoC Analysis NUCLEI EPSS 0.87
Acrolinx Server <5.2.5 - Path Traversal
Acrolinx Server before 5.2.5 on Windows allows Directory Traversal.
CWE-22 Mar 25, 2018
CVE-2018-1207 9.8 CRITICAL EXPLOITED 5 PoCs Analysis NUCLEI EPSS 0.94
Dell Emc Idrac7 < 2.52.52.52 - Code Injection
Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain CGI injection vulnerability which could be used to execute remote code. A remote unauthenticated attacker may potentially be able to use CGI variables to execute remote code.
CWE-94 Mar 23, 2018
CVE-2018-5233 6.1 MEDIUM NUCLEI EPSS 0.19
Grav CMS <1.3.0 - XSS
Cross-site scripting (XSS) vulnerability in system/src/Grav/Common/Twig/Twig.php in Grav CMS before 1.3.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/tools.
CWE-79 Mar 19, 2018
CVE-2018-7422 7.5 HIGH EXPLOITED 6 PoCs Analysis NUCLEI EPSS 0.90
Siteeditor Site Editor < 1.1.1 - Path Traversal
A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path traversal.
CWE-22 Mar 19, 2018
CVE-2018-8770 5.3 MEDIUM 1 PoC Analysis NUCLEI EPSS 0.58
Western Bridge Cobub Razor 0.8.0 - Info Disclosure
Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via generate.php, controllers/getConfigTest.php, controllers/getUpdateTest.php, controllers/postclientdataTest.php, controllers/posterrorTest.php, controllers/posteventTest.php, controllers/posttagTest.php, controllers/postusinglogTest.php, fixtures/Controller_fixt.php, fixtures/Controller_fixt2.php, fixtures/view_fixt2.php, libs/ipTest.php, or models/commonDbfix.php in tests/.
CWE-200 Mar 18, 2018
CVE-2018-8715 8.1 HIGH NUCLEI EPSS 0.92
Embedthis HTTP <7.0.3 - Auth Bypass
The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. With a forged HTTP request, it is possible to bypass authentication for the form and digest login types.
CWE-287 Mar 15, 2018
CVE-2018-1000130 8.1 HIGH EXPLOITED NUCLEI EPSS 0.91
Jolokia Agent <1.3.7 - RCE
A JNDI Injection vulnerability exists in Jolokia agent version 1.3.7 in the proxy mode that allows a remote attacker to run arbitrary Java code on the server.
CWE-74 Mar 14, 2018
CVE-2018-1000129 6.1 MEDIUM 1 PoC Analysis NUCLEI EPSS 0.77
Jolokia Agent <1.3.7 - XSS
An XSS vulnerability exists in the Jolokia agent version 1.3.7 in the HTTP servlet that allows an attacker to execute malicious javascript in the victim's browser.
CWE-79 Mar 14, 2018

Investigate

Critical + Public Exploits Exploited in Wild + PoC High EPSS (>=0.7) + PoC With Nuclei Templates Latest CVEs with Public Exploits

Ecosystems

Linux Maven Packagist PyPI npm Go ecosystem RubyGems crates.io NuGet Hex SwiftURL GitHub Actions

Reference Indexes

Exploit Database Researchers Vendors CWE Categories

Recent Blog Posts

CVE-2026-35414: Three Bugs, One Commit, and Two More Nobody Mentioned
Apr 03, 2026
WP Google Map Plugin - Three Weak Links, One Critical Chain
Mar 29, 2026
CVE-2026-24289: Windows Kernel IOCP Race Condition - The Ghost We Proved by Salting the Circle
Mar 16, 2026
CVE-2026-3910: The Type the Compiler Promised -- A V8 JIT Story in Seven Acts
Mar 16, 2026
Six AI Agents, One Security Company: The Paperclip AI Experiment
Mar 16, 2026
CVE-2026-4105: systemd-machined Privilege Escalation - 72 Minutes from Drop to Bypass
Mar 13, 2026
 View all posts →

CVEForge Labs

CVE-2016-15057 CRITICAL
Apache Continuum - Command Injection
CVE-2021-32824 CRITICAL
Apache Dubbo <2.6.10-2.7.10 - RCE
CVE-2023-42117 CRITICAL
Exim < 4.96.2 - Remote Code Execution
CVE-2024-31866 CRITICAL
Apache Zeppelin <0.11.1 - RCE
CVE-2024-43115 HIGH
Apache DolphinScheduler <3.2.2 - RCE
CVE-2024-45409 CRITICAL
Ruby-SAML <=1.16.0 - Auth Bypass
CVE-2024-56143 HIGH
Strapi < 5.5.2 - IDOR
CVE-2025-10622 HIGH
Red Hat Satellite - Command Injection
CVE-2025-11539 CRITICAL
Grafana Image Renderer - RCE
CVE-2025-12421 CRITICAL
Mattermost <11.0.2, 10.12.1, 10.11.4, 10.5.12 - Auth Bypass
 View all labs →

KEV Gaps

CVE-2025-29635
Dlink Dir-823x Firmware - Command Injection
 CVE-2024-57728
Simple-help Simplehelp < 5.5.8 - Symlink Following
 CVE-2024-57726
Simple-help Simplehelp < 5.5.8 - Missing Authorization
 CVE-2026-20133
Cisco Catalyst SD-WAN Manager - Info Disclosure
 CVE-2026-20128
Cisco Catalyst SD-WAN Manager - Privilege Escalation
 CVE-2026-20122
Cisco Catalyst SD-WAN Manager - Path Traversal
 CVE-2025-32975
Quest KACE SMA <14.1.101 - Auth Bypass
 CVE-2025-48700
Zimbra Collaboration <10.1 - XSS
 CVE-2025-2749
Kentico Xperience < 13.0.178 - Path Traversal
 CVE-2023-27351
Papercut MF < 20.1.7 - Authentication Bypass
 CVE-2009-0238
Microsoft Office <2007 SP1 - RCE
 CVE-2012-1854
Microsoft Office <2010 - Privilege Escalation