Security Vulnerabilities, CVEs, Published In September 2015 (File inclusion) CVSS score >= 3
Multiple PHP remote file inclusion vulnerabilities in install.php in Web Reference Database (aka refbase) through 0.9.6 allow remote attackers to execute arbitrary PHP code via the (1) pathToMYSQL or (2) databaseStructureFile parameter, a different issue than CVE-2015-6008.
Max CVSS
7.5
EPSS Score
0.60%
Published
2015-09-28
Updated
2015-09-29
Untrusted search path vulnerability in the CMainThread::launchDownloader function in vpndownloader.exe in Cisco AnyConnect Secure Mobility Client 2.0 through 4.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by dbghelp.dll, aka Bug ID CSCuv01279. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4211.
Max CVSS
7.2
EPSS Score
0.10%
Published
2015-09-26
Updated
2016-12-12
2 vulnerabilities found