Security Vulnerabilities, CVEs, Published In May 2019 (File inclusion) CVSS score >= 8
An Unsafe Search Path vulnerability in FortiClient Online Installer (Windows version before 6.0.6) may allow an unauthenticated, remote attacker with control over the directory in which FortiClientOnlineInstaller.exe resides to execute arbitrary code on the system via uploading malicious .dll files in that directory.
Max CVSS
9.3
EPSS Score
0.23%
Published
2019-05-28
Updated
2019-05-29
The GraceMedia Media Player plugin 1.0 for WordPress allows Local File Inclusion via the "cfg" parameter.
Max CVSS
9.8
EPSS Score
3.86%
Published
2019-05-13
Updated
2020-08-24
All Xtext & Xtend versions prior to 2.18.0 were built using HTTP instead of HTTPS file transfer and thus the built artifacts may have been compromised.
Max CVSS
8.1
EPSS Score
0.25%
Published
2019-05-06
Updated
2020-10-02
Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS.macx1.W_MCS/ PATH_INFO, as demonstrated by a cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS/etc/passwd URI.
Max CVSS
9.8
EPSS Score
14.43%
Published
2019-05-24
Updated
2019-11-05
4 vulnerabilities found