Security Vulnerabilities Published
In 2015(File Inclusion)
# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2015-7381 |
94 |
|
Exec Code File Inclusion |
2015-09-28 |
2015-09-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Multiple PHP remote file inclusion vulnerabilities in install.php in Web Reference Database (aka refbase) through 0.9.6 allow remote attackers to execute arbitrary PHP code via the (1) pathToMYSQL or (2) databaseStructureFile parameter, a different issue than CVE-2015-6008. |
2 |
CVE-2015-4726 |
94 |
|
Exec Code File Inclusion |
2015-06-23 |
2016-12-07 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
PHP remote file inclusion vulnerability in ajax/myajaxphp.php in AudioShare 2.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the config['basedir'] parameter. |
3 |
CVE-2015-1399 |
94 |
|
Exec Code File Inclusion |
2015-04-29 |
2016-04-01 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
PHP remote file inclusion vulnerability in the fetchView function in the Mage_Core_Block_Template_Zend class in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allows remote administrators to execute arbitrary PHP code via a URL in unspecified vectors involving the setScriptPath function. NOTE: it is not clear whether this issue crosses privilege boundaries, since administrators might already have privileges to include arbitrary files. |
4 |
CVE-2015-0729 |
79 |
|
XSS File Inclusion |
2015-05-16 |
2017-01-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server Solution Engine (ACSE) 5.5(0.1) allows remote attackers to inject arbitrary web script or HTML via a file-inclusion attack, aka Bug ID CSCuu11005. |
5 |
CVE-2015-0683 |
200 |
|
+Info File Inclusion |
2015-04-03 |
2015-09-29 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
Cisco Unified Communications Domain Manager 8.1(4) allows remote authenticated users to obtain sensitive information via a file-inclusion attack, aka Bug ID CSCup94744. |
Total number of vulnerabilities :
5
Page :
1
(This Page)