Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0970

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0970
Last Modified 05 Sep 2008 05:00:41
Published 03 Mar 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0970

Summary

PHP remote file inclusion vulnerability in index.php in one or more ActiveCampaign products, possibly SupportTrio, allows remote attackers to include and execute arbitrary files via the page parameter.

Vulnerable Systems

Application

  • Activecampaign 1-2-all

  • Activecampaign General

  • Activecampaign Isalient

  • Activecampaign Knowledgebuilder

  • Activecampaign Supporttrio

  • Activecampaign Visualedit


References

BUGTRAQ - 20060227 Knowledgebases Remote Command Exucetion

XF - activecampaign-index-command-execution(24989)

OSVDB - 3228

SREASON - 505


Last Updated: 27 May 2016 10:41:52