Vulnerabilities with Nuclei Scanner Templates
Updated 3h ago
Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.
4,077 results
CVE-2015-8399
4.3
MEDIUM
1 PoC
Analysis
NUCLEI
EPSS 0.93
Atlassian Confluence <5.8.17 - Info Disclosure
Atlassian Confluence before 5.8.17 allows remote authenticated users to read configuration files via the decoratorName parameter to (1) spaces/viewdefaultdecorator.action or (2) admin/viewdefaultdecorator.action.
CWE-200
Apr 11, 2016
CVE-2015-5471
5.3
MEDIUM
EXPLOITED
1 PoC
Analysis
NUCLEI
EPSS 0.54
Swim Team plugin <1.44.10777 - Path Traversal
Absolute path traversal vulnerability in include/user/download.php in the Swim Team plugin 1.44.10777 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter.
CWE-22
Jan 12, 2016
CVE-2015-4694
8.6
HIGH
NUCLEI
EPSS 0.33
Zip Attachments < 1.5 - Path Traversal
Directory traversal vulnerability in download.php in the Zip Attachments plugin before 1.5.1 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the za_file parameter.
CWE-22
Jan 08, 2016
CVE-2015-7450
9.8
CRITICAL
KEV
3 PoCs
Analysis
NUCLEI
EPSS 0.93
IBM Products - Command Injection
Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the InvokerTransformer class in the Apache Commons Collections library.
CWE-502
Jan 02, 2016
CVE-2015-8562
EXPLOITED
13 PoCs
Analysis
NUCLEI
EPSS 0.93
Joomla! <3.4.6 - Code Injection
Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the HTTP User-Agent header, as exploited in the wild in December 2015.
CWE-20
Dec 16, 2015
CVE-2015-7297
5 PoCs
Analysis
NUCLEI
EPSS 0.92
Joomla! - SQL Injection
SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2015-7858.
CWE-89
Oct 29, 2015
CVE-2015-7823
NUCLEI
EPSS 0.13
Kentico CMS 8.2-8.2.41 - Open Redirect
Open redirect vulnerability in CMSPages/GetDocLink.ashx in Kentico CMS 8.2 through 8.2.41 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the link parameter.
Oct 21, 2015
CVE-2015-6477
NUCLEI
EPSS 0.33
Nordex Control 2 Scada < 16 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in the Wind Farm Portal application in Nordex Control 2 (NC2) SCADA 16 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CWE-79
Oct 18, 2015
CVE-2015-7377
1 Writeup
NUCLEI
EPSS 0.06
Genetechsolutions Pie Register < 2.0.18 - XSS
Cross-site scripting (XSS) vulnerability in pie-register/pie-register.php in the Pie Register plugin before 2.0.19 for WordPress allows remote attackers to inject arbitrary web script or HTML via the invitaion_code parameter in a pie-register page to the default URI.
CWE-79
Oct 16, 2015
CVE-2015-6920
NUCLEI
EPSS 0.00
Sourceafrica - XSS
Cross-site scripting (XSS) vulnerability in js/window.php in the sourceAFRICA plugin 0.1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter.
CWE-79
Sep 11, 2015
CVE-2015-5688
1 Writeup
NUCLEI
EPSS 0.81
Geddy <13.0.8 - Path Traversal
Directory traversal vulnerability in lib/app/index.js in Geddy before 13.0.8 for Node.js allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the PATH_INFO to the default URI.
CWE-22
Sep 04, 2015
CVE-2015-2807
NUCLEI
EPSS 0.07
Navis Documentcloud < 0.1 - XSS
Cross-site scripting (XSS) vulnerability in js/window.php in the Navis DocumentCloud plugin before 0.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter.
CWE-79
Sep 01, 2015
CVE-2015-5531
EXPLOITED
5 PoCs
Analysis
NUCLEI
EPSS 0.92
Elasticsearch <1.6.1 - Path Traversal
Directory traversal vulnerability in Elasticsearch before 1.6.1 allows remote attackers to read arbitrary files via unspecified vectors related to snapshot API calls.
CWE-22
Aug 17, 2015
CVE-2015-4666
1 PoC
Analysis
NUCLEI
EPSS 0.16
Xceedium Xsuite - Path Traversal
Directory traversal vulnerability in opm/read_sessionlog.php in Xceedium Xsuite 2.4.4.5 and earlier allows remote attackers to read arbitrary files via a ....// (quadruple dot double slash) in the logFile parameter.
CWE-22
Aug 13, 2015
CVE-2015-3224
7 PoCs
Analysis
NUCLEI
EPSS 0.85
Web Console <2.1.3 - XSS
request.rb in Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-Forwarded-For headers in determining a client's IP address, which allows remote attackers to bypass the whitelisted_ips protection mechanism via a crafted request.
CWE-284
Jul 26, 2015
CVE-2015-2863
EXPLOITED
1 PoC
Analysis
NUCLEI
EPSS 0.49
Kaseya Virtual System Administrator < 7.0.0.29 - Open Redirect
Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Jul 20, 2015
CVE-2015-5461
NUCLEI
EPSS 0.18
WordPress StageShow <5.0.9 - Open Redirect
Open redirect vulnerability in the Redirect function in stageshow_redirect.php in the StageShow plugin before 5.0.9 for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.
Jul 08, 2015
CVE-2015-5354
1 PoC
Analysis
NUCLEI
EPSS 0.22
Novius OS 5.0.1 - Open Redirect
Open redirect vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to admin/nos/login.
CWE-601
Jul 01, 2015
CVE-2015-3897
EXPLOITED
1 PoC
Analysis
NUCLEI
EPSS 0.60
Bonita BPM Portal <6.5.3 - Path Traversal
Directory traversal vulnerability in Bonita BPM Portal before 6.5.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the theme parameter and a file path in the location parameter to bonita/portal/themeResource.
CWE-22
Jun 18, 2015
CVE-2015-4414
1 PoC
Analysis
NUCLEI
EPSS 0.09
SE Html5 Album Audio Player < 1.1.0 - Path Traversal
Directory traversal vulnerability in download_audio.php in the SE HTML5 Album Audio Player (se-html5-album-audio-player) plugin 1.1.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CWE-22
Jun 17, 2015