PHP remote file inclusion vulnerability in wp-links/links.all.php in WordPress 0.70 allows remote attackers to execute arbitrary PHP code via a URL in the $abspath variable.
Vulnerability category: File inclusion
Exploit prediction scoring system (EPSS) score for CVE-2003-1599
Probability of exploitation activity in the next 30 days: 1.15%
CVSS scores for CVE-2003-1599
CWE ids for CVE-2003-1599
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.Assigned by: email@example.com (Primary)