Multiple PHP remote file inclusion vulnerabilities in SolidState 0.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the base_path parameter in manager/pages/ scripts including (1) AccountsPage.class.php, (2) AddInvoicePage.class.php, (3) AddIPAddressPage.class.php, (4) AddPaymentPage.class.php, (5) AddTaxRulePage.class.php, (6) AssignDomainPage.class.php, (7) AssignHostingPage.class.php, (8) AssignProductPage.class.php, (9) BillingPage.class.php, (10) BillingPaymentPage.class.php, (11) BrowseAccountsPage.class.php, (12) BrowseInvoicesPage.class.php, (13) ConfigureEditUserPage.class.php, (14) ConfigureNewUserPage.class.php, (15) ConfigureNewUserReceiptPage.class.php, (16) ConfigureUsersPage.class.php, (17) DeleteAccountPage.class.php, (18) DeleteDomainServicePage.class.php, (19) DeleteHostingServicePage.class.php, (20) DeleteInvoicePage.class.php, (21) DeleteProductPage.class.php, (22) DeleteServerPage.class.php, (23) DomainServicesPage.class.php, (24) DomainsPage.class.php, (25) EditAccountPage.class.php, (26) EditDomainPage.class.php, (27) EditDomainServicePage.class.php, (28) EditHostingServicePage.class.php, (29) EditPaymentPage.class.php, (30) EditProductPage.class.php, (31) EditServerPage.class.php, (32) EmailInvoicePage.class.php, (33) ExecuteOrderPage.class.php, (34) ExpiredDomainsPage.class.php, (35) FulfilledOrdersPage.class.php, (36) GenerateInvoicesPage.class.php, (37) HomePage.class.php, (38) InactiveAccountsPage.class.php, (39) IPManagerPage.class.php, (40) LoginPage.class.php, (41) LogPage.class.php, (42) ModulesPage.class.php, (43) NewAccountPage.class.php, (44) NewDomainServicePage.class.php, (45) NewProductPage.class.php, (46) OutstandingInvoicesPage.class.php, (47) PendingAccountsPage.class.php, (48) PendingOrdersPage.class.php, (49) PrintInvoicePage.class.php, (50) ProductsPage.class.php, (51) RegisterDomainPage.class.php, (52) RegisteredDomainsPage.class.php, (53) ServersPage.class.php, (54) ServicesHostingServicesPage.class.php, (55) ServicesNewHostingPage.class.php, (56) ServicesPage.class.php, (57) ServicesWebHostingPage.class.php, (58) SettingsPage.class.php, (59) TaxesPage.class.php, (60) TransferDomainPage.class.php, (61) ViewAccountPage.class.php, (62) ViewDomainServicePage.class.php, (63) ViewHostingServicePage.class.php, (64) ViewInvoicePage.class.php, (65) ViewLogMessagePage.class.php, (66) ViewOrderPage.class.php, (67) ViewProductPage.class.php, (68) ViewServerPage.class.php, (69) WelcomeEmailPage.class.php; and (70) modules/RegistrarModule.class.php, (71) modules/SolidStateModule.class.php, (72) modules/authorizeaim/authorizeaim.class.php, and (73) modules/authorizeaim/pages/AAIMConfigPage.class.php.
References
http://attrition.org/pipermail/vim/2007-January/001210.html
http://www.osvdb.org/31097
http://www.osvdb.org/31098
http://www.osvdb.org/31099
http://www.osvdb.org/31100
http://www.osvdb.org/31104
http://www.osvdb.org/31105
http://www.osvdb.org/31106
http://www.osvdb.org/31107
http://www.osvdb.org/31108
http://www.osvdb.org/31109
http://www.osvdb.org/31110
http://www.osvdb.org/31111
http://www.osvdb.org/31112
http://www.osvdb.org/31113
http://www.osvdb.org/31114
http://www.osvdb.org/31115
http://www.osvdb.org/31116
http://www.osvdb.org/31117
http://www.osvdb.org/31118
http://www.osvdb.org/31119
http://www.osvdb.org/31120
http://www.osvdb.org/31121
http://www.osvdb.org/31122
http://www.osvdb.org/31123
http://www.osvdb.org/31124
http://www.osvdb.org/31125
http://www.osvdb.org/31126
http://www.osvdb.org/31127
http://www.osvdb.org/31128
http://www.osvdb.org/31129
http://www.osvdb.org/31130
http://www.osvdb.org/31131
http://www.osvdb.org/31132
http://www.osvdb.org/31133
http://www.osvdb.org/31134
http://www.osvdb.org/31135
http://www.osvdb.org/31136
http://www.osvdb.org/31137
http://www.osvdb.org/31138
http://www.osvdb.org/31139
http://www.osvdb.org/31141
http://www.osvdb.org/31142
http://www.osvdb.org/31143
http://www.osvdb.org/31144
http://www.osvdb.org/31145
http://www.osvdb.org/31146
http://www.osvdb.org/31147
http://www.osvdb.org/31190
http://www.osvdb.org/31191
http://www.osvdb.org/31192
http://www.osvdb.org/31193
http://www.osvdb.org/31194
http://www.osvdb.org/31197
http://www.osvdb.org/31198
http://www.osvdb.org/31199
http://www.osvdb.org/31200
http://www.osvdb.org/31201
http://www.osvdb.org/31202
http://www.osvdb.org/31203
http://www.securityfocus.com/bid/21934
http://www.solid-state.org/index.php?name=PNphpBB2&file=portal&article=1
https://exchange.xforce.ibmcloud.com/vulnerabilities/29095
https://www.exploit-db.com/exploits/2413
History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-09-27T23:00:00

Updated: 2024-08-07T19:32:22.868Z

Reserved: 2006-09-27T00:00:00

Link: CVE-2006-5020

Vulnrichment

No data.

NVD

Status: Modified

Published: 2006-09-27T23:07:00.000

Modified: 2017-10-19T01:29:28.173

Link: CVE-2006-5020

Redhat

No data.