- Apache Axis2 contains a flaw that may allow a remote attacker to access arbitrary files. A remote attacker could send a specially-crafted URL request using the xsd parameter to specify a malicious file from the local system, which could allow the attacker to obtain sensitive information or execute arbitrary code on the vulnerable Web server.
- Upgrade to the latest version of Apache Axis2. This issue was fixed in Apache Axis2 version 1.4.1.
- WordPress Plugin GD bbPress Attachments Multiple Vulnerabilities (2.2)
- WordPress Plugin MAC PHOTO GALLERY 'albid' Parameter Arbitrary File Disclosure (2.8)
- vBulletin routestring Local File Inclusion
- WordPress Plugin Spicy Blogroll Local File Include (1.0.0)
- WordPress Plugin MailChimp for WooCommerce Local File Inclusion (2.1.1)