Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2018-20876

    cPanel before 74.0.8 allows self XSS in the Site Software Moderation interface (SEC-434).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.21
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2018-20878

    cPanel before 74.0.8 allows stored XSS in WHM "File and Directory Restoration" interface (SEC-441).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.21
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2018-20881

    cPanel before 74.0.8 allows self stored XSS on the Security Questions login page (SEC-446).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.21
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2018-20884

    cPanel before 74.0.0 allows stored XSS in the WHM File Restoration interface (SEC-367).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.21
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-10853

    cPanel before 11.54.0.4 allows stored XSS in the WHM Feature Manager interface (SEC-86).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.26
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2019-1010124

    WebAppick WooCommerce Product Feed 2.2.18 and earlier is affected by: Cross Site Scripting (XSS). The impact is: XSS to RCE via editing theme files in WordPress. The component is: admin/partials/woo-feed-manage-list.php:63. The attack vector is: Administr... Read more

    Affected Products : woocommerce_product_feed
    • EPSS Score: %0.32
    • Published: Jul. 23, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2018-20915

    cPanel before 70.0.23 allows stored XSS via a WHM Edit DNS Zone action (SEC-369).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.34
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-10827

    cPanel before 55.9999.141 allows self stored XSS in WHM Edit System Mail Preferences (SEC-96).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.26
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2017-18402

    cPanel before 68.0.15 allows stored XSS during a cpaddons moderated upgrade (SEC-336).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.34
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2017-18417

    cPanel before 66.0.2 allows stored XSS during WHM cPAddons installation (SEC-263).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.34
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2017-18418

    cPanel before 66.0.2 allows stored XSS during WHM cPAddons file operations (SEC-265).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.34
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2017-18419

    cPanel before 66.0.2 allows stored XSS during WHM cPAddons uninstallation (SEC-266).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.34
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2017-18420

    cPanel before 66.0.2 allows stored XSS during WHM cPAddons processing (SEC-269).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.34
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2017-18454

    cPanel before 62.0.24 allows stored XSS in the WHM cPAddons install interface (SEC-262).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.34
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2019-7882

    A stored cross-site scripting vulnerability exists in the WYSIWYG editor of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated... Read more

    Affected Products : magento
    • EPSS Score: %0.10
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2019-7921

    A stored cross-site scripting vulnerability exists in the product catalog form of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to the product catalog ... Read more

    Affected Products : magento
    • EPSS Score: %0.10
    • Published: Aug. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-10767

    cPanel before 60.0.25 allows stored XSS in the WHM Repair Mailbox Permissions interface (SEC-159).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.22
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2016-10774

    cPanel before 60.0.25 allows self XSS in the tail_ea4_migration.cgi interface (SEC-172).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.30
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2017-18481

    cPanel before 62.0.4 allows stored XSS in the WHM Account Suspension List interface (SEC-211).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.30
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2019-14669

    Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of filtration of user-supplied data in the asset account name. The JavaScript code is executed during a visit to the audit account statistics page.... Read more

    Affected Products : firefly_iii
    • EPSS Score: %0.21
    • Published: Aug. 05, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291564 Results