CVE-2006-2686 Information
Description
PHP remote file inclusion vulnerabilities in ActionApps 2.8.1 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[AA_INC_PATH] parameter in (1) cached.php3, (2) cron.php3, (3) discussion.php3, (4) filldisc.php3, (5) filler.php3, (6) fillform.php3, (7) go.php3, (8) hiercons.php3, (9) jsview.php3, (10) live_checkbox.php3, (11) offline.php3, (12) post2shtml.php3, (13) search.php3, (14) slice.php3, (15) sql_update.php3, (16) view.php3, (17) multiple files in the (18) admin/ folder, (19) includes folder, and (20) modules/ folder.
Reference
http://secunia.com/advisories/20299
http://www.osvdb.org/27253
http://www.osvdb.org/27254
http://www.osvdb.org/27256
http://www.osvdb.org/27257
http://www.osvdb.org/27258
http://www.osvdb.org/27259
http://www.osvdb.org/27260
http://www.osvdb.org/27261
http://www.osvdb.org/27262
http://www.osvdb.org/27263
http://www.osvdb.org/27264
http://www.osvdb.org/27265
http://www.osvdb.org/27266
http://www.osvdb.org/27267
http://www.osvdb.org/27268
http://www.osvdb.org/27269
http://www.osvdb.org/27270
http://www.osvdb.org/27271
http://www.osvdb.org/27272
http://www.osvdb.org/27273
http://www.osvdb.org/27274
http://www.osvdb.org/27275
http://www.osvdb.org/27276
http://www.osvdb.org/27277
http://www.osvdb.org/27278
http://www.osvdb.org/27279
http://www.osvdb.org/27280
http://www.osvdb.org/27281
http://www.osvdb.org/27282
http://www.osvdb.org/27283
http://www.osvdb.org/27284
http://www.osvdb.org/27285
http://www.osvdb.org/27286
http://www.osvdb.org/27287
http://www.osvdb.org/27288
http://www.osvdb.org/27289
http://www.osvdb.org/27290
http://www.osvdb.org/27291
http://www.osvdb.org/27292
http://www.osvdb.org/27293
http://www.osvdb.org/27294
http://www.osvdb.org/27295
http://www.osvdb.org/27296
http://www.osvdb.org/27297
http://www.osvdb.org/27298
http://www.osvdb.org/27299
http://www.osvdb.org/27300
http://www.osvdb.org/27301
http://www.osvdb.org/27302
http://www.osvdb.org/27303
http://www.osvdb.org/27304
http://www.osvdb.org/27305
http://www.osvdb.org/27306
http://www.osvdb.org/27308
http://www.osvdb.org/27309
http://www.osvdb.org/27310
http://www.securityfocus.com/bid/19133
http://www.vupen.com/english/advisories/2006/1997
https://exchange.xforce.ibmcloud.com/vulnerabilities/26776
https://www.exploit-db.com/exploits/1829