The sina-extension-for-elementor plugin before 2.2.1 for WordPress has local file inclusion.
Max CVSS
7.5
EPSS Score
0.19%
Published
2019-08-30
Updated
2020-08-24
The shortcode-factory plugin before 2.8 for WordPress has Local File Inclusion.
Max CVSS
9.8
EPSS Score
0.21%
Published
2019-08-22
Updated
2020-08-24
An Untrusted Search Path vulnerability in the ServiceInstance.dll library versions 1.0.15.119 and lower, as used in Bitdefender Antivirus Free 2020 versions prior to 1.0.15.138, allows an attacker to load an arbitrary DLL file from the search path.
Max CVSS
9.3
EPSS Score
0.07%
Published
2019-08-21
Updated
2019-08-28
The 10Web Photo Gallery plugin before 1.5.25 for WordPress has Authenticated Local File Inclusion via directory traversal in the wp-admin/admin-ajax.php?action=shortcode_bwg tagtext parameter.
Max CVSS
4.9
EPSS Score
0.10%
Published
2019-08-09
Updated
2019-08-14
Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This vulnerability allows a remote attacker to read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI.
Max CVSS
6.5
EPSS Score
2.35%
Published
2019-08-09
Updated
2019-08-19
In Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple resources vulnerable to Local File Inclusion that allow an attacker to access server resources: clearhistory.jsp, convertxml.jsp, group_new.jsp, loginmessage.jsp, xmlcontentrepair.jsp, and /system/workplace/admin/history/settings/index.jsp.
Max CVSS
4.3
EPSS Score
0.77%
Published
2019-08-27
Updated
2022-04-18
Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location accessible with write permissions to the user.
Max CVSS
7.8
EPSS Score
0.10%
Published
2019-08-29
Updated
2019-10-09
A DLL search path vulnerability was reported in PaperDisplay Hotkey Service version 1.2.0.8 that could allow privilege escalation. Lenovo has ended support for PaperDisplay Hotkey software as the Night light feature introduced in Windows 10 Build 1703 provides similar features.
Max CVSS
7.8
EPSS Score
0.06%
Published
2019-08-19
Updated
2023-02-02
The Rapid7 InsightAppSec broker suffers from a DLL injection vulnerability in the 'prunsrv.exe' component of the product. If exploited, a local user of the system (who must already be authenticated to the operating system) can elevate their privileges with this vulnerability to the privilege level of InsightAppSec (usually, SYSTEM). This issue affects version 2019.06.24 and prior versions of the product.
Max CVSS
9.3
EPSS Score
0.06%
Published
2019-08-19
Updated
2023-03-29
The wp-payeezy-pay plugin before 2.98 for WordPress has local file inclusion in pay.php, donate.php, donate-rec, and pay-rec.
Max CVSS
9.8
EPSS Score
1.17%
Published
2019-08-22
Updated
2019-08-26
The companion-auto-update plugin before 3.2.1 for WordPress has local file inclusion.
Max CVSS
9.8
EPSS Score
0.18%
Published
2019-08-16
Updated
2019-08-21
cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46).
Max CVSS
8.5
EPSS Score
0.11%
Published
2019-08-01
Updated
2019-08-08
The memphis-documents-library plugin before 3.0 for WordPress has Local File Inclusion.
Max CVSS
9.8
EPSS Score
0.21%
Published
2019-08-22
Updated
2019-08-26
The memphis-documents-library plugin before 3.0 for WordPress has Remote File Inclusion.
Max CVSS
9.8
EPSS Score
0.45%
Published
2019-08-22
Updated
2019-08-26
14 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!