CVE-2006-5020 Information
Description
Multiple PHP remote file inclusion vulnerabilities in SolidState 0.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the base_path parameter in manager/pages/ scripts including (1) AccountsPage.class.php (2) AddInvoicePage.class.php (3) AddIPAddressPage.class.php (4) AddPaymentPage.class.php (5) AddTaxRulePage.class.php (6) AssignDomainPage.class.php (7) AssignHostingPage.class.php (8) AssignProductPage.class.php (9) BillingPage.class.php (10) BillingPaymentPage.class.php (11) BrowseAccountsPage.class.php (12) BrowseInvoicesPage.class.php (13) ConfigureEditUserPage.class.php (14) ConfigureNewUserPage.class.php (15) ConfigureNewUserReceiptPage.class.php (16) ConfigureUsersPage.class.php (17) DeleteAccountPage.class.php (18) DeleteDomainServicePage.class.php (19) DeleteHostingServicePage.class.php (20) DeleteInvoicePage.class.php (21) DeleteProductPage.class.php (22) DeleteServerPage.class.php (23) DomainServicesPage.class.php (24) DomainsPage.class.php (25) EditAccountPage.class.php (26) EditDomainPage.class.php (27) EditDomainServicePage.class.php (28) EditHostingServicePage.class.php (29) EditPaymentPage.class.php (30) EditProductPage.class.php (31) EditServerPage.class.php (32) EmailInvoicePage.class.php (33) ExecuteOrderPage.class.php (34) ExpiredDomainsPage.class.php (35) FulfilledOrdersPage.class.php (36) GenerateInvoicesPage.class.php (37) HomePage.class.php (38) InactiveAccountsPage.class.php (39) IPManagerPage.class.php (40) LoginPage.class.php (41) LogPage.class.php (42) ModulesPage.class.php (43) NewAccountPage.class.php (44) NewDomainServicePage.class.php (45) NewProductPage.class.php (46) OutstandingInvoicesPage.class.php (47) PendingAccountsPage.class.php (48) PendingOrdersPage.class.php (49) PrintInvoicePage.class.php (50) ProductsPage.class.php (51) RegisterDomainPage.class.php (52) RegisteredDomainsPage.class.php (53) ServersPage.class.php (54) ServicesHostingServicesPage.class.php (55) ServicesNewHostingPage.class.php (56) ServicesPage.class.php (57) ServicesWebHostingPage.class.php (58) SettingsPage.class.php (59) TaxesPage.class.php (60) TransferDomainPage.class.php (61) ViewAccountPage.class.php (62) ViewDomainServicePage.class.php (63) ViewHostingServicePage.class.php (64) ViewInvoicePage.class.php (65) ViewLogMessagePage.class.php (66) ViewOrderPage.class.php (67) ViewProductPage.class.php (68) ViewServerPage.class.php (69) WelcomeEmailPage.class.php; and (70) modules/RegistrarModule.class.php (71) modules/SolidStateModule.class.php (72) modules/authorizeaim/authorizeaim.class.php and (73) modules/authorizeaim/pages/AAIMConfigPage.class.php.
Reference
http://attrition.org/pipermail/vim/2007-January/001210.html
http://www.osvdb.org/31097
http://www.osvdb.org/31098
http://www.osvdb.org/31099
http://www.osvdb.org/31100
http://www.osvdb.org/31104
http://www.osvdb.org/31105
http://www.osvdb.org/31106
http://www.osvdb.org/31107
http://www.osvdb.org/31108
http://www.osvdb.org/31109
http://www.osvdb.org/31110
http://www.osvdb.org/31111
http://www.osvdb.org/31112
http://www.osvdb.org/31113
http://www.osvdb.org/31114
http://www.osvdb.org/31115
http://www.osvdb.org/31116
http://www.osvdb.org/31117
http://www.osvdb.org/31118
http://www.osvdb.org/31119
http://www.osvdb.org/31120
http://www.osvdb.org/31121
http://www.osvdb.org/31122
http://www.osvdb.org/31123
http://www.osvdb.org/31124
http://www.osvdb.org/31125
http://www.osvdb.org/31126
http://www.osvdb.org/31127
http://www.osvdb.org/31128
http://www.osvdb.org/31129
http://www.osvdb.org/31130
http://www.osvdb.org/31131
http://www.osvdb.org/31132
http://www.osvdb.org/31133
http://www.osvdb.org/31134
http://www.osvdb.org/31135
http://www.osvdb.org/31136
http://www.osvdb.org/31137
http://www.osvdb.org/31138
http://www.osvdb.org/31139
http://www.osvdb.org/31141
http://www.osvdb.org/31142
http://www.osvdb.org/31143
http://www.osvdb.org/31144
http://www.osvdb.org/31145
http://www.osvdb.org/31146
http://www.osvdb.org/31147
http://www.osvdb.org/31190
http://www.osvdb.org/31191
http://www.osvdb.org/31192
http://www.osvdb.org/31193
http://www.osvdb.org/31194
http://www.osvdb.org/31197
http://www.osvdb.org/31198
http://www.osvdb.org/31199
http://www.osvdb.org/31200
http://www.osvdb.org/31201
http://www.osvdb.org/31202
http://www.osvdb.org/31203
http://www.securityfocus.com/bid/21934
http://www.solid-state.org/index.php?name=PNphpBB2&file=portal&article=1
https://exchange.xforce.ibmcloud.com/vulnerabilities/29095
https://www.exploit-db.com/exploits/2413