CVE-2006-2686
published 2006-05-31CVE-2006-2686: PHP remote file inclusion vulnerabilities in ActionApps 2.8.1 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[AA_INC_PATH]…
PriorityP348medium6.4CVSS 2.0
AVNACLAuNCPIPAN
EXPLOIT
EPSS
13.63%
96.0th percentile
PHP remote file inclusion vulnerabilities in ActionApps 2.8.1 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[AA_INC_PATH] parameter in (1) cached.php3, (2) cron.php3, (3) discussion.php3, (4) filldisc.php3, (5) filler.php3, (6) fillform.php3, (7) go.php3, (8) hiercons.php3, (9) jsview.php3, (10) live_checkbox.php3, (11) offline.php3, (12) post2shtml.php3, (13) search.php3, (14) slice.php3, (15) sql_update.php3, (16) view.php3, (17) multiple files in the (18) admin/ folder, (19) includes folder, and (20) modules/ folder.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| actionapps | actionapps | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/20299http://www.osvdb.org/27253http://www.osvdb.org/27254http://www.osvdb.org/27256http://www.osvdb.org/27257http://www.osvdb.org/27258http://www.osvdb.org/27259http://www.osvdb.org/27260http://www.osvdb.org/27261http://www.osvdb.org/27262http://www.osvdb.org/27263http://www.osvdb.org/27264http://www.osvdb.org/27265http://www.osvdb.org/27266http://www.osvdb.org/27267http://www.osvdb.org/27268http://www.osvdb.org/27269http://www.osvdb.org/27270http://www.osvdb.org/27271http://www.osvdb.org/27272http://www.osvdb.org/27273http://www.osvdb.org/27274http://www.osvdb.org/27275http://www.osvdb.org/27276http://www.osvdb.org/27277http://www.osvdb.org/27278http://www.osvdb.org/27279http://www.osvdb.org/27280http://www.osvdb.org/27281http://www.osvdb.org/27282http://www.osvdb.org/27283http://www.osvdb.org/27284http://www.osvdb.org/27285http://www.osvdb.org/27286http://www.osvdb.org/27287http://www.osvdb.org/27288http://www.osvdb.org/27289http://www.osvdb.org/27290http://www.osvdb.org/27291http://www.osvdb.org/27292http://www.osvdb.org/27293http://www.osvdb.org/27294http://www.osvdb.org/27295http://www.osvdb.org/27296http://www.osvdb.org/27297http://www.osvdb.org/27298http://www.osvdb.org/27299http://www.osvdb.org/27300http://www.osvdb.org/27301http://www.osvdb.org/27302http://www.osvdb.org/27303http://www.osvdb.org/27304http://www.osvdb.org/27305http://www.osvdb.org/27306http://www.osvdb.org/27308http://www.osvdb.org/27309http://www.osvdb.org/27310http://www.securityfocus.com/bid/19133http://www.vupen.com/english/advisories/2006/1997https://exchange.xforce.ibmcloud.com/vulnerabilities/26776https://www.exploit-db.com/exploits/1829http://secunia.com/advisories/20299http://www.osvdb.org/27253http://www.osvdb.org/27254http://www.osvdb.org/27256http://www.osvdb.org/27257http://www.osvdb.org/27258http://www.osvdb.org/27259http://www.osvdb.org/27260http://www.osvdb.org/27261http://www.osvdb.org/27262http://www.osvdb.org/27263http://www.osvdb.org/27264http://www.osvdb.org/27265http://www.osvdb.org/27266http://www.osvdb.org/27267http://www.osvdb.org/27268http://www.osvdb.org/27269http://www.osvdb.org/27270http://www.osvdb.org/27271http://www.osvdb.org/27272http://www.osvdb.org/27273http://www.osvdb.org/27274http://www.osvdb.org/27275http://www.osvdb.org/27276http://www.osvdb.org/27277http://www.osvdb.org/27278http://www.osvdb.org/27279http://www.osvdb.org/27280http://www.osvdb.org/27281http://www.osvdb.org/27282http://www.osvdb.org/27283http://www.osvdb.org/27284http://www.osvdb.org/27285http://www.osvdb.org/27286http://www.osvdb.org/27287http://www.osvdb.org/27288http://www.osvdb.org/27289http://www.osvdb.org/27290http://www.osvdb.org/27291
+ 22 more references
2006-05-31
Published