CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In August 2019

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1851 CVE-2016-10782 79 XSS 2019-08-06 2019-08-08
3.5
None Remote Medium ??? None Partial None
cPanel before 60.0.25 allows self stored XSS in postgres API1 listdbs (SEC-181).
1852 CVE-2016-10781 79 XSS 2019-08-06 2019-08-08
3.5
None Remote Medium ??? None Partial None
cPanel before 60.0.25 allows self XSS in the UI_confirm API (SEC-180).
1853 CVE-2016-10780 79 XSS 2019-08-06 2019-08-08
3.5
None Remote Medium ??? None Partial None
cPanel before 60.0.25 allows stored XSS in the ftp_sessions API (SEC-180).
1854 CVE-2016-10779 79 XSS 2019-08-06 2019-08-09
3.5
None Remote Medium ??? None Partial None
cPanel before 60.0.25 allows stored XSS in api1_listautoresponders (SEC-179).
1855 CVE-2016-10778 79 XSS 2019-08-06 2019-08-08
3.5
None Remote Medium ??? None Partial None
cPanel before 60.0.25 allows self stored XSS in the listftpstable API (SEC-178).
1856 CVE-2016-10777 79 XSS 2019-08-06 2019-08-08
3.5
None Remote Medium ??? None Partial None
cPanel before 60.0.25 allows self XSS in WHM Tweak Settings for autodiscover_host (SEC-177).
1857 CVE-2016-10776 79 XSS 2019-08-06 2019-08-08
3.5
None Remote Medium ??? None Partial None
cPanel before 60.0.25 allows stored XSS during the homedir removal phase of WHM Account termination (SEC-174).
1858 CVE-2016-10775 20 2019-08-05 2019-08-12
6.8
None Remote Low ??? Complete None None
cPanel before 60.0.25 allows arbitrary file-chown operations via reassign_post_terminate_cruft (SEC-173).
1859 CVE-2016-10774 79 XSS 2019-08-05 2019-08-09
3.5
None Remote Medium ??? None Partial None
cPanel before 60.0.25 allows self XSS in the tail_ea4_migration.cgi interface (SEC-172).
1860 CVE-2016-10773 134 2019-08-05 2019-08-09
6.5
None Remote Low ??? Partial Partial Partial
cPanel before 60.0.25 allows format-string injection in exception-message handling (SEC-171).
1861 CVE-2016-10772 254 2019-08-05 2019-08-09
2.1
None Local Low Not required None Partial None
cPanel before 60.0.25 does not enforce feature-list restrictions when calling the multilang adminbin (SEC-168).
1862 CVE-2016-10771 20 2019-08-05 2019-08-09
5.5
None Remote Low ??? Partial Partial None
cPanel before 60.0.25 allows file-create and file-chmod operations during ModSecurity Audit logfile processing (SEC-165).
1863 CVE-2016-10770 20 2019-08-05 2019-08-09
5.5
None Remote Low ??? None Partial Partial
cPanel before 60.0.25 allows arbitrary file-overwrite operations during a Roundcube update (SEC-164).
1864 CVE-2016-10769 601 2019-08-05 2019-08-08
5.8
None Remote Medium Not required Partial Partial None
cPanel before 60.0.25 allows an open redirect via /cgi-sys/FormMail-clone.cgi (SEC-162).
1865 CVE-2016-10768 20 2019-08-05 2019-08-08
5.5
None Remote Low ??? None Partial Partial
cPanel before 60.0.25 allows file-overwrite operations during preparation for MySQL upgrades (SEC-161).
1866 CVE-2016-10767 79 XSS 2019-08-05 2019-08-09
3.5
None Remote Medium ??? None Partial None
cPanel before 60.0.25 allows stored XSS in the WHM Repair Mailbox Permissions interface (SEC-159).
1867 CVE-2016-6154 79 XSS 2019-08-23 2019-08-26
5.8
None Remote Medium Not required Partial Partial None
The authentication applet in Watchguard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect).
1868 CVE-2016-5431 310 Bypass 2019-08-07 2019-10-09
5.0
None Remote Low Not required None Partial None
The PHP JOSE Library by Gree Inc. before version 2.2.1 is vulnerable to key confusion/algorithm substitution in the JWS component resulting in bypassing the signature verification via crafted tokens.
1869 CVE-2015-9380 352 CSRF 2019-08-30 2019-09-03
6.8
None Remote Medium Not required Partial Partial Partial
The photo-gallery plugin before 1.2.42 for WordPress has CSRF.
1870 CVE-2015-9379 79 XSS 2019-08-28 2019-09-03
4.3
None Remote Medium Not required None Partial None
iThemes Builder Style Manager before 0.7.7 for WordPress has XSS via add_query_arg() and remove_query_arg().
1871 CVE-2015-9378 79 XSS 2019-08-28 2019-09-03
4.3
None Remote Medium Not required None Partial None
iThemes Builder Theme Market before 5.1.27 for WordPress has XSS via add_query_arg() and remove_query_arg().
1872 CVE-2015-9377 79 XSS 2019-08-28 2019-09-03
4.3
None Remote Medium Not required None Partial None
iThemes Builder Theme Depot before 5.0.30 for WordPress has XSS via add_query_arg() and remove_query_arg().
1873 CVE-2015-9376 79 XSS 2019-08-28 2019-08-29
4.3
None Remote Medium Not required None Partial None
iThemes Mobile before 1.2.8 for WordPress has XSS via add_query_arg() and remove_query_arg().
1874 CVE-2015-9375 79 XSS 2019-08-28 2019-09-04
4.3
None Remote Medium Not required None Partial None
Table Rate Shipping Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
1875 CVE-2015-9374 79 XSS 2019-08-28 2019-09-03
4.3
None Remote Medium Not required None Partial None
Stripe Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
1876 CVE-2015-9373 79 XSS 2019-08-28 2019-09-03
4.3
None Remote Medium Not required None Partial None
PayPal Pro Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
1877 CVE-2015-9372 79 XSS 2019-08-28 2019-09-03
4.3
None Remote Medium Not required None Partial None
Membership Add-on for iThemes Exchange before 1.3.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
1878 CVE-2015-9371 79 XSS 2019-08-28 2019-09-03
4.3
None Remote Medium Not required None Partial None
Manual Purchases Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
1879 CVE-2015-9370 79 XSS 2019-08-28 2019-09-03
4.3
None Remote Medium Not required None Partial None
Invoices Add-on for iThemes Exchange before 1.4.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
1880 CVE-2015-9369 79 XSS 2019-08-28 2019-09-04
4.3
None Remote Medium Not required None Partial None
Easy US Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
1881 CVE-2015-9368 79 XSS 2019-08-28 2019-09-03
4.3
None Remote Medium Not required None Partial None
Easy EU Value Added (VAT) Taxes Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
1882 CVE-2015-9367 79 XSS 2019-08-28 2019-09-03
4.3
None Remote Medium Not required None Partial None
Easy Canadian Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
1883 CVE-2015-9366 79 XSS 2019-08-28 2019-09-03
4.3
None Remote Medium Not required None Partial None
Custom URL Tracking Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
1884 CVE-2015-9365 79 XSS 2019-08-28 2019-08-30
4.3
None Remote Medium Not required None Partial None
Authorize.net Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
1885 CVE-2015-9364 79 XSS 2019-08-28 2019-08-30
4.3
None Remote Medium Not required None Partial None
2Checkout Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
1886 CVE-2015-9363 79 XSS 2019-08-28 2019-08-30
4.3
None Remote Medium Not required None Partial None
iThemes Exchange before 1.12.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
1887 CVE-2015-9362 79 XSS 2019-08-28 2019-08-30
4.3
None Remote Medium Not required None Partial None
The Post Connector plugin before 1.0.4 for WordPress has XSS via add_query_arg() and remove_query_arg().
1888 CVE-2015-9361 79 XSS 2019-08-28 2019-08-30
4.3
None Remote Medium Not required None Partial None
The Related Posts plugin before 1.8.2 for WordPress has XSS via add_query_arg() and remove_query_arg().
1889 CVE-2015-9360 79 XSS 2019-08-28 2019-08-30
4.3
None Remote Medium Not required None Partial None
The updraftplus plugin before 1.9.64 for WordPress has XSS via add_query_arg() and remove_query_arg().
1890 CVE-2015-9359 79 XSS 2019-08-28 2019-08-30
4.3
None Remote Medium Not required None Partial None
The Jetpack plugin before 3.4.3 for WordPress has XSS via add_query_arg() and remove_query_arg().
1891 CVE-2015-9358 79 XSS 2019-08-28 2019-09-03
4.3
None Remote Medium Not required None Partial None
The feedwordpress plugin before 2015.0514 for WordPress has XSS via add_query_arg() and remove_query_arg().
1892 CVE-2015-9357 79 XSS 2019-08-28 2019-08-29
4.3
None Remote Medium Not required None Partial None
The akismet plugin before 3.1.5 for WordPress has XSS.
1893 CVE-2015-9356 79 XSS 2019-08-28 2019-08-30
4.3
None Remote Medium Not required None Partial None
The wp-vipergb plugin before 1.3.16 for WordPress has XSS via add_query_arg() and remove_query_arg(), a different issue than CVE-2014-9460.
1894 CVE-2015-9355 79 XSS 2019-08-28 2019-09-03
4.3
None Remote Medium Not required None Partial None
The two-factor-authentication plugin before 1.1.10 for WordPress has XSS in the admin area.
1895 CVE-2015-9354 79 XSS 2019-08-28 2019-08-29
3.5
None Remote Medium ??? None Partial None
The gigpress plugin before 2.3.11 for WordPress has XSS.
1896 CVE-2015-9353 89 Sql 2019-08-28 2019-09-09
6.5
None Remote Low ??? Partial Partial Partial
The gigpress plugin before 2.3.11 for WordPress has SQL injection in the admin area, a different vulnerability than CVE-2015-4066.
1897 CVE-2015-9352 89 Sql 2019-08-27 2019-08-28
7.5
None Remote Low Not required Partial Partial Partial
The wp-polls plugin before 2.72 for WordPress has SQL injection.
1898 CVE-2015-9351 20 Exec Code 2019-08-27 2019-08-28
7.5
None Remote Low Not required Partial Partial Partial
The feed-them-social plugin before 1.7.0 for WordPress has possible shortcode execution in the Facebook Feeds load more button.
1899 CVE-2015-9350 79 XSS 2019-08-27 2019-08-28
4.3
None Remote Medium Not required None Partial None
The feed-them-social plugin before 1.7.0 for WordPress has reflected XSS in the Facebook Feeds load more button.
1900 CVE-2015-9349 79 XSS 2019-08-27 2019-08-28
4.3
None Remote Medium Not required None Partial None
The ckeditor-for-wordpress plugin before 4.5.3.1 for WordPress has reflected XSS in the "built-in (old)" file browser.
Total number of vulnerabilities : 2004   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 (This Page)39 40 41
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.