Security Vulnerabilities, CVEs, Published In August 2019 (File inclusion) CVSS score >= 8
The memphis-documents-library plugin before 3.0 for WordPress has Remote File Inclusion.
Max CVSS
9.8
EPSS Score
0.45%
Published
2019-08-22
Updated
2019-08-26
The memphis-documents-library plugin before 3.0 for WordPress has Local File Inclusion.
Max CVSS
9.8
EPSS Score
0.21%
Published
2019-08-22
Updated
2019-08-26
cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path (SEC-46).
Max CVSS
8.5
EPSS Score
0.11%
Published
2019-08-01
Updated
2019-08-08
The companion-auto-update plugin before 3.2.1 for WordPress has local file inclusion.
Max CVSS
9.8
EPSS Score
0.18%
Published
2019-08-16
Updated
2019-08-21
The wp-payeezy-pay plugin before 2.98 for WordPress has local file inclusion in pay.php, donate.php, donate-rec, and pay-rec.
Max CVSS
9.8
EPSS Score
1.05%
Published
2019-08-22
Updated
2019-08-26
The Rapid7 InsightAppSec broker suffers from a DLL injection vulnerability in the 'prunsrv.exe' component of the product. If exploited, a local user of the system (who must already be authenticated to the operating system) can elevate their privileges with this vulnerability to the privilege level of InsightAppSec (usually, SYSTEM). This issue affects version 2019.06.24 and prior versions of the product.
Max CVSS
9.3
EPSS Score
0.06%
Published
2019-08-19
Updated
2023-03-29
An Untrusted Search Path vulnerability in the ServiceInstance.dll library versions 1.0.15.119 and lower, as used in Bitdefender Antivirus Free 2020 versions prior to 1.0.15.138, allows an attacker to load an arbitrary DLL file from the search path.
Max CVSS
9.3
EPSS Score
0.07%
Published
2019-08-21
Updated
2019-08-28
The shortcode-factory plugin before 2.8 for WordPress has Local File Inclusion.
Max CVSS
9.8
EPSS Score
0.21%
Published
2019-08-22
Updated
2020-08-24
8 vulnerabilities found