Remote file inclusion

2006-05-0910:02:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

High

0.153 Low

EPSS

Percentile

95.9%

JSON

PHP remote file inclusion vulnerability in day.php in ACal 2.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.

CPENameOperatorVersion
acaleq2.2.4
acaleq2.2.6
acaleq2.2.5

Name	Operator	Version
acal	eq	2.2.4
acal	eq	2.2.6
acal	eq	2.2.5

References

secunia.com/advisories/20041

www.osvdb.org/25340

www.securityfocus.com/bid/17886

www.vupen.com/english/advisories/2006/1692

exchange.xforce.ibmcloud.com/vulnerabilities/26278

www.exploit-db.com/exploits/1763