Security Vulnerabilities, CVEs, Published In 2014 (File inclusion) CVSS score >= 4
Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse cmd.exe file in the current working directory, as demonstrated by a directory that contains a .bat or .cmd file, aka "Windows File Handling Vulnerability."
Max CVSS
6.9
EPSS Score
97.04%
Published
2014-04-08
Updated
2020-07-24
PHP remote file inclusion vulnerability in includes/generate-pdf.php in the WP ecommerce Shop Styling plugin for WordPress before 1.8 allows remote attackers to execute arbitrary PHP code via a URL in the dompdf parameter.
Max CVSS
7.5
EPSS Score
1.06%
Published
2014-05-27
Updated
2017-08-29
PHP remote file inclusion vulnerability in wp-links/links.all.php in WordPress 0.70 allows remote attackers to execute arbitrary PHP code via a URL in the $abspath variable.
Max CVSS
7.5
EPSS Score
1.15%
Published
2014-10-27
Updated
2017-08-29
3 vulnerabilities found