Description

PHP remote file inclusion vulnerability in wp-links/links.all.php in WordPress 0.70 allows remote attackers to execute arbitrary PHP code via a URL in the $abspath variable.

Remediation

References

CVE-2003-1599

Related Vulnerabilities

WordPress Plugin Folders-Organize Pages, Posts and Media Library Folders with Drag and Drop Cross-Site Scripting (2.0.5)

Jetty Improper Resource Shutdown or Release Vulnerability (CVE-2022-2191)

WordPress Plugin NEX-Forms-Ultimate Form builder Multiple SQL Injection Vulnerabilities (4.0)

WordPress Plugin Facebook Button by BestWebSoft Cross-Site Scripting (2.33)

Moodle Improper Encoding or Escaping of Output Vulnerability (CVE-2021-40694)

Severity

High

Classification

CVE-2003-1599 CWE-94

Tags

Missing Update Known Vulnerabilities