{
  "schema_version": "1.4.0",
  "id": "GHSA-w8jp-2wxg-495f",
  "modified": "2022-05-01T07:01:24Z",
  "published": "2022-05-01T07:01:24Z",
  "aliases": [
    "CVE-2006-2686"
  ],
  "details": "PHP remote file inclusion vulnerabilities in ActionApps 2.8.1 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[AA_INC_PATH] parameter in (1) cached.php3, (2) cron.php3, (3) discussion.php3, (4) filldisc.php3, (5) filler.php3, (6) fillform.php3, (7) go.php3, (8) hiercons.php3, (9) jsview.php3, (10) live_checkbox.php3, (11) offline.php3, (12) post2shtml.php3, (13) search.php3, (14) slice.php3, (15) sql_update.php3, (16) view.php3, (17) multiple files in the (18) admin/ folder, (19) includes folder, and (20) modules/ folder.",
  "severity": [],
  "affected": [],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-2686"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26776"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/1829"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20299"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27253"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27254"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27256"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27257"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27258"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27259"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27260"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27261"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27262"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27263"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27264"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27265"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27266"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27267"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27268"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27269"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27270"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27271"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27272"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27273"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27274"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27275"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27276"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27277"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27278"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27279"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27280"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27281"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27282"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27283"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27284"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27285"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27286"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27287"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27288"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27289"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27290"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27291"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27292"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27293"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27294"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27295"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27296"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27297"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27298"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27299"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27300"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27301"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27302"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27303"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27304"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27305"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27306"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27308"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27309"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27310"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/19133"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/1997"
    }
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-94"
    ],
    "severity": "MODERATE",
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-05-31T10:06:00Z"
  }
}