7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.7 High
AI Score
Confidence
Low
0.15 Low
EPSS
Percentile
95.8%
PHP remote file inclusion vulnerability in direct.php in ActualScripts ActualAnalyzer Lite 2.72 and earlier, Gold 7.63 and earlier, and Server 8.23 and earlier allows remote attackers to execute arbitrary code via a URL in the rf parameter.
secunia.com/advisories/19743
securityreason.com/securityalert/742
securitytracker.com/id?1015967
www.osvdb.org/24778
www.securityfocus.com/archive/1/431351/100/0/threaded
www.securityfocus.com/archive/1/434562/100/0/threaded
www.securityfocus.com/bid/17597
www.vupen.com/english/advisories/2006/1430
exchange.xforce.ibmcloud.com/vulnerabilities/25893