CVE-2006-2686

Published: 31/05/2006 Updated: 19/10/2017
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
VMScore: 645
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Vulnerability Summary

PHP remote file inclusion vulnerabilities in ActionApps 2.8.1 allow remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[AA_INC_PATH] parameter in (1) cached.php3, (2) cron.php3, (3) discussion.php3, (4) filldisc.php3, (5) filler.php3, (6) fillform.php3, (7) go.php3, (8) hiercons.php3, (9) jsview.php3, (10) live_checkbox.php3, (11) offline.php3, (12) post2shtml.php3, (13) search.php3, (14) slice.php3, (15) sql_update.php3, (16) view.php3, (17) multiple files in the (18) admin/ folder, (19) includes folder, and (20) modules/ folder.

Vulnerable Product

actionapps actionapps 2.8.1

Exploits

################ DEVIL TEAM THE BEST POLISH TEAM #################
#APC ActionApps CMS (2.8.1) - Remote File Include Vulnerabilities
#Find by Kacper (Rahim)
#Greetings For ALL DEVIL TEAM members, Special DragonHeart :***
#Contact: kacper1964@yahoo.pl or www.devilteam.yum.pl
#site: sourceforge.net/projects/apc-aa/
################ ...

References

CWE-94
http://secunia.com/advisories/20299
http://www.osvdb.org/27256
http://www.osvdb.org/27257
http://www.osvdb.org/27260
http://www.osvdb.org/27261
http://www.osvdb.org/27262
http://www.osvdb.org/27263
http://www.osvdb.org/27275
http://www.osvdb.org/27282
http://www.osvdb.org/27285
http://www.osvdb.org/27297
http://www.osvdb.org/27298
http://www.osvdb.org/27300
http://www.osvdb.org/27301
http://www.osvdb.org/27302
http://www.osvdb.org/27303
http://www.osvdb.org/27305
http://www.osvdb.org/27310
http://www.osvdb.org/27253
http://www.osvdb.org/27254
http://www.osvdb.org/27258
http://www.osvdb.org/27259
http://www.osvdb.org/27266
http://www.osvdb.org/27267
http://www.osvdb.org/27268
http://www.osvdb.org/27269
http://www.osvdb.org/27272
http://www.osvdb.org/27273
http://www.osvdb.org/27274
http://www.osvdb.org/27276
http://www.osvdb.org/27277
http://www.osvdb.org/27278
http://www.osvdb.org/27279
http://www.osvdb.org/27280
http://www.osvdb.org/27281
http://www.osvdb.org/27283
http://www.osvdb.org/27284
http://www.osvdb.org/27286
http://www.osvdb.org/27287
http://www.osvdb.org/27288
http://www.osvdb.org/27292
http://www.osvdb.org/27293
http://www.osvdb.org/27294
http://www.osvdb.org/27295
http://www.osvdb.org/27296
http://www.osvdb.org/27304
http://www.osvdb.org/27264
http://www.osvdb.org/27265
http://www.osvdb.org/27270
http://www.osvdb.org/27271
http://www.osvdb.org/27289
http://www.osvdb.org/27290
http://www.osvdb.org/27291
http://www.osvdb.org/27299
http://www.osvdb.org/27306
http://www.osvdb.org/27308
http://www.osvdb.org/27309
http://www.securityfocus.com/bid/19133
http://www.vupen.com/english/advisories/2006/1997
https://exchange.xforce.ibmcloud.com/vulnerabilities/26776
https://www.exploit-db.com/exploits/1829
https://nvd.nist.gov