CVE-2006-4441
Last modified
CVE-2006-4441 is a vulnerability of currently unknown severity. Multiple PHP remote file inclusion vulnerabilities in Ay System Solutions CMS 2.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path[ShowProcessHandle] parameter to (1) home.php or (2) impressum.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.. EPSS estimates a 2.50% chance of exploitation in the next 30 days.
Description
Multiple PHP remote file inclusion vulnerabilities in Ay System Solutions CMS 2.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path[ShowProcessHandle] parameter to (1) home.php or (2) impressum.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ay System Solutions | Ay System Solutions Cms | <= 2.6 |
References
- http://secunia.com/advisories/21661Exploit, Vendor Advisory
- http://secunia.com/advisories/21661Exploit, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2006-4441?
How severe is CVE-2006-4441?
How do I fix CVE-2006-4441?
Are you affected by CVE-2006-4441?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST