PHP remote file inclusion vulnerabilities in ActionApps 2.8.1 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[AA_INC_PATH] parameter in (1) cached.php3, (2) cron.php3, (3) discussion.php3, (4) filldisc.php3, (5) filler.php3, (6) fillform.php3, (7) go.php3, (8) hiercons.php3, (9) jsview.php3, (10) live_checkbox.php3, (11) offline.php3, (12) post2shtml.php3, (13) search.php3, (14) slice.php3, (15) sql_update.php3, (16) view.php3, (17) multiple files in the (18) admin/ folder, (19) includes folder, and (20) modules/ folder.
| Date Added | Due Date | Vulnerability Name | Required Action |
|---|---|---|---|
| N/A |
| Type | Version | Base score | Base severity | Vector |
|---|---|---|---|---|
| Primary | 2.0 | 6.4 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:P/A:N |
| CWE ID | Type | Source |
|---|---|---|
| CWE-94 | Primary | nvd@nist.gov |
| Hyperlink | Source | Resource |
|---|---|---|
| http://secunia.com/advisories/20299 | cve@mitre.org | Exploit Vendor Advisory |
| http://www.osvdb.org/27253 | cve@mitre.org | N/A |
| http://www.osvdb.org/27254 | cve@mitre.org | N/A |
| http://www.osvdb.org/27256 | cve@mitre.org | N/A |
| http://www.osvdb.org/27257 | cve@mitre.org | N/A |
| http://www.osvdb.org/27258 | cve@mitre.org | N/A |
| http://www.osvdb.org/27259 | cve@mitre.org | N/A |
| http://www.osvdb.org/27260 | cve@mitre.org | N/A |
| http://www.osvdb.org/27261 | cve@mitre.org | N/A |
| http://www.osvdb.org/27262 | cve@mitre.org | N/A |
| http://www.osvdb.org/27263 | cve@mitre.org | N/A |
| http://www.osvdb.org/27264 | cve@mitre.org | N/A |
| http://www.osvdb.org/27265 | cve@mitre.org | N/A |
| http://www.osvdb.org/27266 | cve@mitre.org | N/A |
| http://www.osvdb.org/27267 | cve@mitre.org | N/A |
| http://www.osvdb.org/27268 | cve@mitre.org | N/A |
| http://www.osvdb.org/27269 | cve@mitre.org | N/A |
| http://www.osvdb.org/27270 | cve@mitre.org | N/A |
| http://www.osvdb.org/27271 | cve@mitre.org | N/A |
| http://www.osvdb.org/27272 | cve@mitre.org | N/A |
| http://www.osvdb.org/27273 | cve@mitre.org | N/A |
| http://www.osvdb.org/27274 | cve@mitre.org | N/A |
| http://www.osvdb.org/27275 | cve@mitre.org | N/A |
| http://www.osvdb.org/27276 | cve@mitre.org | N/A |
| http://www.osvdb.org/27277 | cve@mitre.org | N/A |
| http://www.osvdb.org/27278 | cve@mitre.org | N/A |
| http://www.osvdb.org/27279 | cve@mitre.org | N/A |
| http://www.osvdb.org/27280 | cve@mitre.org | N/A |
| http://www.osvdb.org/27281 | cve@mitre.org | N/A |
| http://www.osvdb.org/27282 | cve@mitre.org | N/A |
| http://www.osvdb.org/27283 | cve@mitre.org | N/A |
| http://www.osvdb.org/27284 | cve@mitre.org | N/A |
| http://www.osvdb.org/27285 | cve@mitre.org | N/A |
| http://www.osvdb.org/27286 | cve@mitre.org | N/A |
| http://www.osvdb.org/27287 | cve@mitre.org | N/A |
| http://www.osvdb.org/27288 | cve@mitre.org | N/A |
| http://www.osvdb.org/27289 | cve@mitre.org | N/A |
| http://www.osvdb.org/27290 | cve@mitre.org | N/A |
| http://www.osvdb.org/27291 | cve@mitre.org | N/A |
| http://www.osvdb.org/27292 | cve@mitre.org | N/A |
| http://www.osvdb.org/27293 | cve@mitre.org | N/A |
| http://www.osvdb.org/27294 | cve@mitre.org | N/A |
| http://www.osvdb.org/27295 | cve@mitre.org | N/A |
| http://www.osvdb.org/27296 | cve@mitre.org | N/A |
| http://www.osvdb.org/27297 | cve@mitre.org | N/A |
| http://www.osvdb.org/27298 | cve@mitre.org | N/A |
| http://www.osvdb.org/27299 | cve@mitre.org | N/A |
| http://www.osvdb.org/27300 | cve@mitre.org | N/A |
| http://www.osvdb.org/27301 | cve@mitre.org | N/A |
| http://www.osvdb.org/27302 | cve@mitre.org | N/A |
| http://www.osvdb.org/27303 | cve@mitre.org | N/A |
| http://www.osvdb.org/27304 | cve@mitre.org | N/A |
| http://www.osvdb.org/27305 | cve@mitre.org | N/A |
| http://www.osvdb.org/27306 | cve@mitre.org | N/A |
| http://www.osvdb.org/27308 | cve@mitre.org | N/A |
| http://www.osvdb.org/27309 | cve@mitre.org | N/A |
| http://www.osvdb.org/27310 | cve@mitre.org | N/A |
| http://www.securityfocus.com/bid/19133 | cve@mitre.org | N/A |
| http://www.vupen.com/english/advisories/2006/1997 | cve@mitre.org | N/A |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/26776 | cve@mitre.org | N/A |
| https://www.exploit-db.com/exploits/1829 | cve@mitre.org | N/A |
| http://secunia.com/advisories/20299 | af854a3a-2127-422b-91ae-364da2661108 | Exploit Vendor Advisory |
| http://www.osvdb.org/27253 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27254 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27256 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27257 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27258 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27259 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27260 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27261 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27262 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27263 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27264 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27265 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27266 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27267 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27268 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27269 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27270 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27271 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27272 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27273 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27274 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27275 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27276 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27277 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27278 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27279 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27280 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27281 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27282 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27283 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27284 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27285 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27286 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27287 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27288 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27289 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27290 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27291 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27292 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27293 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27294 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27295 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27296 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27297 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27298 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27299 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27300 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27301 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27302 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27303 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27304 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27305 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27306 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27308 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27309 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.osvdb.org/27310 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.securityfocus.com/bid/19133 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.vupen.com/english/advisories/2006/1997 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/26776 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| https://www.exploit-db.com/exploits/1829 | af854a3a-2127-422b-91ae-364da2661108 | N/A |