Remote file inclusion

2006-04-2110:02:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

High

0.15 Low

EPSS

Percentile

95.8%

JSON

PHP remote file inclusion vulnerability in direct.php in ActualScripts ActualAnalyzer Lite 2.72 and earlier, Gold 7.63 and earlier, and Server 8.23 and earlier allows remote attackers to execute arbitrary code via a URL in the rf parameter.

CPENameOperatorVersion
actualanalyzereq7.63 gold
actualanalyzerle8.23
actualanalyzereq2.72 lite

Name	Operator	Version
actualanalyzer	eq	7.63 gold
actualanalyzer	le	8.23
actualanalyzer	eq	2.72 lite

References

secunia.com/advisories/19743

securityreason.com/securityalert/742

securitytracker.com/id?1015967

www.osvdb.org/24778

www.securityfocus.com/archive/1/431351/100/0/threaded

www.securityfocus.com/archive/1/434562/100/0/threaded

www.securityfocus.com/bid/17597

www.vupen.com/english/advisories/2006/1430

exchange.xforce.ibmcloud.com/vulnerabilities/25893