1. CVE-Search
  2. CVE-2006-5831
ID CVE-2006-5831
Summary PHP remote file inclusion vulnerability in admin/code/index.php in All In One Control Panel (AIOCP) 1.3.007 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the load_page parameter.
References
Vulnerable Configurations
  • cpe:2.3:a:aiocp:aiocp:1.3.000:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.000:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.001:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.001:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.002:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.002:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.003:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.003:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.004:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.004:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.005:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.005:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.006:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.006:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.007:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.007:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 17-10-2018 - 21:45)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 20931
bugtraq 20061106 AIOCP <=1.3.007 multiples vulnerabilities [sql , remote file include , xss]
misc http://sourceforge.net/project/shownotes.php?release_id=478370
sreason 1839
xf aiocp-index-file-include(30050)
Last major update 17-10-2018 - 21:45
Published 10-11-2006 - 01:07
Last modified 17-10-2018 - 21:45
Back to Top