Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2024-27757

    flusity CMS through 2.45 allows tools/addons_model.php Gallery Name XSS. The reporter indicates that this product "ceased its development as of February 2024."... Read more

    Affected Products : flusity
    • Published: Mar. 18, 2024
    • Modified: May. 05, 2025

  • 4.8

    MEDIUM
    CVE-2018-10391

    An issue was discovered in WUZHI CMS 4.1.0. There is XSS via the email parameter to the index.php?m=member&v=register URI.... Read more

    Affected Products : wuzhi_cms wuzhicms
    • EPSS Score: %0.24
    • Published: Apr. 26, 2018
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2018-18711

    An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's password via index.php?m=core&f=panel&v=edit_info.... Read more

    Affected Products : wuzhi_cms wuzhicms
    • EPSS Score: %0.14
    • Published: Oct. 29, 2018
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2018-18712

    An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's username via index.php?m=member&f=index&v=edit&uid=1.... Read more

    Affected Products : wuzhi_cms wuzhicms
    • EPSS Score: %0.14
    • Published: Oct. 29, 2018
    • Modified: May. 05, 2025

  • 5.4

    MEDIUM
    CVE-2018-17425

    WUZHI CMS 4.1.0 has stored XSS via the "Membership Center" "I want to ask" "detailed description" field under the index.php?m=member URI.... Read more

    Affected Products : wuzhi_cms wuzhicms
    • EPSS Score: %0.21
    • Published: Mar. 07, 2019
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2022-27431

    Wuzhicms v4.1.0 was discovered to contain a SQL injection vulnerability via the groupid parameter at /coreframe/app/member/admin/group.php.... Read more

    Affected Products : wuzhi_cms wuzhicms
    • EPSS Score: %0.23
    • Published: May. 04, 2022
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2020-20122

    Wuzhi CMS v4.1 contains a SQL injection vulnerability in the checktitle() function in /coreframe/app/content/admin/content.php.... Read more

    Affected Products : wuzhi_cms wuzhicms
    • EPSS Score: %0.26
    • Published: Sep. 28, 2021
    • Modified: May. 05, 2025

  • 5.4

    MEDIUM
    CVE-2020-19770

    A cross-site scripting (XSS) vulnerability in the system bulletin component of WUZHI CMS v4.1.0 allows attackers to steal the admin's cookie.... Read more

    Affected Products : wuzhi_cms wuzhicms
    • EPSS Score: %0.19
    • Published: Dec. 21, 2021
    • Modified: May. 05, 2025

  • 5.4

    MEDIUM
    CVE-2018-10313

    WUZHI CMS 4.1.0 allows persistent XSS via the form%5Bqq_10%5D parameter to the /index.php?m=member&f=index&v=profile&set_iframe=1 URI.... Read more

    Affected Products : wuzhi_cms wuzhicms
    • EPSS Score: %0.53
    • Published: Apr. 24, 2018
    • Modified: May. 05, 2025

  • 4.8

    MEDIUM
    CVE-2018-10367

    An issue was discovered in WUZHI CMS 4.1.0. The content-management feature has Stored XSS via the title or content section.... Read more

    Affected Products : wuzhi_cms wuzhicms
    • EPSS Score: %0.24
    • Published: Apr. 25, 2018
    • Modified: May. 05, 2025

  • 4.8

    MEDIUM
    CVE-2018-10368

    An issue was discovered in WUZHI CMS 4.1.0. The "Extension Module -> System Announcement" feature has Stored XSS via an announcement.... Read more

    Affected Products : wuzhi_cms wuzhicms
    • EPSS Score: %0.24
    • Published: Apr. 25, 2018
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2018-11493

    An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can add a friendship link via index.php?m=link&f=index&v=add.... Read more

    Affected Products : wuzhi_cms wuzhicms
    • EPSS Score: %0.14
    • Published: May. 26, 2018
    • Modified: May. 05, 2025

  • 5.4

    MEDIUM
    CVE-2018-11549

    An issue was discovered in WUZHI CMS 4.1.0 There is a Stored XSS Vulnerability in "Account Settings -> Member Centre -> Chinese information -> Ordinary member" via a QQ number, as demonstrated by a form[qq_10]= substring.... Read more

    Affected Products : wuzhi_cms wuzhicms
    • EPSS Score: %0.21
    • Published: May. 29, 2018
    • Modified: May. 05, 2025

  • 8.8

    HIGH
    CVE-2020-20124

    Wuzhi CMS v4.1.0 contains a remote code execution (RCE) vulnerability in \attachment\admin\index.php.... Read more

    Affected Products : wuzhi_cms wuzhicms
    • EPSS Score: %3.12
    • Published: Sep. 28, 2021
    • Modified: May. 05, 2025

  • 6.1

    MEDIUM
    CVE-2020-19897

    A reflected Cross Site Scripting (XSS) in wuzhicms v4.1.0 allows remote attackers to execute arbitrary web script or HTML via the imgurl parameter.... Read more

    Affected Products : wuzhi_cms wuzhicms
    • EPSS Score: %0.27
    • Published: Jun. 28, 2022
    • Modified: May. 05, 2025

  • 5.4

    MEDIUM
    CVE-2023-31860

    Wuzhi CMS v3.1.2 has a storage type XSS vulnerability in the backend of the Five Finger CMS b2b system.... Read more

    Affected Products : wuzhi_cms wuzhicms
    • EPSS Score: %0.08
    • Published: May. 23, 2023
    • Modified: May. 05, 2025

  • 9.8

    CRITICAL
    CVE-2018-11528

    WUZHI CMS 4.1.0 has SQL Injection via an api/sms_check.php?param= URI.... Read more

    Affected Products : wuzhi_cms wuzhicms
    • EPSS Score: %0.31
    • Published: May. 29, 2018
    • Modified: May. 05, 2025

  • 6.5

    MEDIUM
    CVE-2018-10248

    An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can delete any article via index.php?m=content&f=content&v=recycle_delete.... Read more

    Affected Products : wuzhi_cms wuzhicms
    • EPSS Score: %0.12
    • Published: Apr. 20, 2018
    • Modified: May. 05, 2025

  • 4.8

    MEDIUM
    CVE-2018-18938

    An issue was discovered in WUZHI CMS 4.1.0. There is stored XSS in index.php?m=core&f=index via an ontoggle attribute to details/open/ within a second input field.... Read more

    Affected Products : wuzhi_cms wuzhicms
    • EPSS Score: %0.24
    • Published: Nov. 05, 2018
    • Modified: May. 05, 2025

  • 6.1

    MEDIUM
    CVE-2019-9107

    XSS exists in WUZHI CMS 4.1.0 via index.php?m=attachment&f=imagecut&v=init&imgurl=[XSS] to coreframe/app/attachment/imagecut.php.... Read more

    Affected Products : wuzhi_cms wuzhicms
    • EPSS Score: %0.22
    • Published: Feb. 25, 2019
    • Modified: May. 05, 2025
Showing 20 of 291222 Results