Lucene search
ActualscriptsActualanalyzer*
2 matches found
CVE-2006-1959
PHP remote file inclusion vulnerability in direct.php in ActualScripts ActualAnalyzer Lite 2.72 and earlier, Gold 7.63 and earlier, and Server 8.23 and earlier allows remote attackers to execute arbitrary code via a URL in the rf parameter.
7.5CVSS7.7AI score0.1689EPSS
CVE-2014-5470
Actual Analyzer through 2014-08-29 allows code execution via shell metacharacters because untrusted input is used for part of the input data passed to an eval operation.
9.8CVSS7.1AI score0.56785EPSS