CVE-2006-1959 Information

Description

PHP remote file inclusion vulnerability in direct.php in ActualScripts ActualAnalyzer Lite 2.72 and earlier Gold 7.63 and earlier and Server 8.23 and earlier allows remote attackers to execute arbitrary code via a URL in the rf parameter.

Reference

http://secunia.com/advisories/19743 http://securityreason.com/securityalert/742 http://securitytracker.com/id?1015967 http://www.osvdb.org/24778 http://www.securityfocus.com/archive/1/431351/100/0/threaded http://www.securityfocus.com/archive/1/434562/100/0/threaded http://www.securityfocus.com/bid/17597 http://www.vupen.com/english/advisories/2006/1430 https://exchange.xforce.ibmcloud.com/vulnerabilities/25893