Vulnerabilities with Nuclei Scanner Templates


Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

346,378 CVEs tracked | 53,627 with exploits | 4,858 exploited in wild | 1,583 CISA KEV | 4,077 Nuclei templates | 52,288 vendors | 43,849 researchers
4,077 results
CVE-2014-9618 9.8 CRITICAL 1 PoC Analysis NUCLEI EPSS 0.68
Netsweeper <3.1.10, <4.0.9, <4.1.2 - Auth Bypass
The Client Filter Admin portal in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and subsequently create arbitrary profiles via a showdeny action to the default URL.
CWE-287 Sep 19, 2017
CVE-2014-8676 5.3 MEDIUM 1 PoC Analysis NUCLEI EPSS 0.82
SOPlanning <1.32 - Path Traversal
Directory traversal vulnerability in the file_get_contents function in SOPlanning 1.32 and earlier allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) in a URL path parameter.
CWE-22 Aug 31, 2017
CVE-2014-9735 EXPLOITED 2 PoCs Analysis NUCLEI EPSS 0.83
ThemePunch Slider Revolution <3.0.96 & Showbiz Pro <1.7.1 - RCE
The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for WordPress does not properly restrict access to administrator AJAX functionality, which allows remote attackers to (1) upload and execute arbitrary files via an update_plugin action; (2) delete arbitrary sliders via a delete_slider action; and (3) create, (4) update, (5) import, or (6) export arbitrary sliders via unspecified vectors.
CWE-264 Jun 30, 2015
CVE-2014-10037 1 PoC Analysis NUCLEI EPSS 0.65
Domphp < 0.83 - Path Traversal
Directory traversal vulnerability in DomPHP 0.83 and earlier allows remote attackers to have unspecified impact via a .. (dot dot) in the url parameter to photoalbum/index.php.
CWE-22 Jan 13, 2015
CVE-2014-100004 NUCLEI EPSS 0.00
Sitecore Cms < 7.0 - XSS
Cross-site scripting (XSS) vulnerability in Sitecore CMS before 7.0 Update-4 (rev. 140120) allows remote attackers to inject arbitrary web script or HTML via the xmlcontrol parameter to the default URI. NOTE: some of these details are obtained from third party information.
CWE-79 Jan 13, 2015
CVE-2014-9444 NUCLEI EPSS 0.03
WordPress Frontend Uploader 0.9.2 - XSS
Cross-site scripting (XSS) vulnerability in the Frontend Uploader plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the errors[fu-disallowed-mime-type][0][name] parameter to the default URI.
CWE-79 Jan 02, 2015
CVE-2014-9119 1 PoC Analysis NUCLEI EPSS 0.51
DB Backup plugin <4.5 - Path Traversal
Directory traversal vulnerability in download.php in the DB Backup plugin 4.5 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CWE-22 Dec 31, 2014
CVE-2014-9180 NUCLEI EPSS 0.08
Eleanor CMS - Open Redirect
Open redirect vulnerability in go.php in Eleanor CMS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the QUERY_STRING.
Dec 02, 2014
CVE-2014-8799 2 PoCs Analysis NUCLEI EPSS 0.91
DukaPress <2.5.4 - Path Traversal
Directory traversal vulnerability in the dp_img_resize function in php/dp-functions.php in the DukaPress plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the src parameter to lib/dp_image.php.
CWE-22 Nov 28, 2014
CVE-2014-9094 1 PoC Analysis NUCLEI EPSS 0.07
WordPress DZS Video Gallery - XSS
Multiple cross-site scripting (XSS) vulnerabilities in deploy/designer/preview.php in the Digital Zoom Studio (DZS) Video Gallery plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) swfloc or (2) designrand parameter.
CWE-79 Nov 26, 2014
CVE-2014-8682 2 PoCs Analysis NUCLEI EPSS 0.77
Gogs 0.3.1-9-0.5.x - SQL Injection
Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to (1) api/v1/repos/search, which is not properly handled in models/repo.go, or (2) api/v1/users/search, which is not properly handled in models/user.go.
CWE-89 Nov 21, 2014
CVE-2014-5258 1 PoC Analysis NUCLEI EPSS 0.81
Webedition Cms < 6.3.8.0 - Path Traversal
Directory traversal vulnerability in showTempFile.php in webEdition CMS before 6.3.9.0 Beta allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter.
CWE-22 Nov 06, 2014
CVE-2014-4577 NUCLEI EPSS 0.02
WP AmASIN <0.9.6 - Path Traversal
Absolute path traversal vulnerability in reviews.php in the WP AmASIN - The Amazon Affiliate Shop plugin 0.9.6 and earlier for WordPress allows remote attackers to read arbitrary files via a full pathname in the url parameter.
CWE-22 Oct 21, 2014
CVE-2014-6308 1 PoC Analysis NUCLEI EPSS 0.78
OSClass <3.4.2 - Path Traversal
Directory traversal vulnerability in OSClass before 3.4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter in a render action to oc-admin/index.php.
CWE-22 Oct 20, 2014
CVE-2014-3704 EXPLOITED 11 PoCs Analysis NUCLEI EPSS 0.94
Drupal < 7.32 - SQL Injection
The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing crafted keys.
CWE-89 Oct 16, 2014
CVE-2014-6287 9.8 CRITICAL KEV 22 PoCs Analysis NUCLEI EPSS 0.94
Rejetto HTTP File Server <2.3c - RCE
The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aka HFS or HttpFileServer) 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action.
CWE-94 Oct 07, 2014
CVE-2014-6271 9.8 CRITICAL KEV 126 PoCs Analysis NUCLEI EPSS 0.94
Apache mod_cgi Bash Environment Variable Code Injection (Shellshock)
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
CWE-78 Sep 24, 2014
CVE-2014-5368 1 PoC Analysis NUCLEI EPSS 0.48
WP Content Source Control < 3.0.0 - Path Traversal
Directory traversal vulnerability in the file_get_contents function in downloadfiles/download.php in the WP Content Source Control (wp-source-control) plugin 3.0.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter.
CWE-22 Aug 22, 2014
CVE-2014-5187 NUCLEI EPSS 0.00
Tom M8te (tom-m8te) Plugin - Path Traversal
Directory traversal vulnerability in the Tom M8te (tom-m8te) plugin 1.5.3 for WordPress allows remote attackers to read arbitrary files via the file parameter to tom-download-file.php.
CWE-22 Aug 06, 2014
CVE-2014-5181 NUCLEI EPSS 0.00
Last.fm Rotation (lastfm-rotation) Plugin - Path Traversal
Directory traversal vulnerability in lastfm-proxy.php in the Last.fm Rotation (lastfm-rotation) plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the snode parameter.
CWE-22 Aug 06, 2014