Vulnerabilities > CVE-2006-5919 - Remote File Include vulnerability in Activecampaign Knowledgebuilder 2.2

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
activecampaign
exploit available
NVD
Published: 2006-11-15
Updated: 2018-10-17

Summary

PHP remote file inclusion vulnerability in admin/e_data/visEdit_control.class.php in ActiveCampaign KnowledgeBuilder 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the visEdit_root parameter, a different vector than CVE-2003-1131.

Vulnerable Configurations

Part Description Count
Application
Activecampaign
1

Exploit-Db

descriptionKnowledgeBuilder <= 2.2 (visEdit_root) Remote File Include Vulnerability. CVE-2006-5919. Webapps exploit for php platform
fileexploits/php/webapps/2364.txt
idEDB-ID:2364
last seen2016-01-31
modified2006-09-13
platformphp
port
published2006-09-13
reporterigi
sourcehttps://www.exploit-db.com/download/2364/
titleKnowledgeBuilder <= 2.2 visEdit_root Remote File Include Vulnerability
typewebapps

References