CVE-2006-5020

SolidState 0.4 - RCE

Description

Multiple PHP remote file inclusion vulnerabilities in SolidState 0.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the base_path parameter in manager/pages/ scripts including (1) AccountsPage.class.php, (2) AddInvoicePage.class.php, (3) AddIPAddressPage.class.php, (4) AddPaymentPage.class.php, (5) AddTaxRulePage.class.php, (6) AssignDomainPage.class.php, (7) AssignHostingPage.class.php, (8) AssignProductPage.class.php, (9) BillingPage.class.php, (10) BillingPaymentPage.class.php, (11) BrowseAccountsPage.class.php, (12) BrowseInvoicesPage.class.php, (13) ConfigureEditUserPage.class.php, (14) ConfigureNewUserPage.class.php, (15) ConfigureNewUserReceiptPage.class.php, (16) ConfigureUsersPage.class.php, (17) DeleteAccountPage.class.php, (18) DeleteDomainServicePage.class.php, (19) DeleteHostingServicePage.class.php, (20) DeleteInvoicePage.class.php, (21) DeleteProductPage.class.php, (22) DeleteServerPage.class.php, (23) DomainServicesPage.class.php, (24) DomainsPage.class.php, (25) EditAccountPage.class.php, (26) EditDomainPage.class.php, (27) EditDomainServicePage.class.php, (28) EditHostingServicePage.class.php, (29) EditPaymentPage.class.php, (30) EditProductPage.class.php, (31) EditServerPage.class.php, (32) EmailInvoicePage.class.php, (33) ExecuteOrderPage.class.php, (34) ExpiredDomainsPage.class.php, (35) FulfilledOrdersPage.class.php, (36) GenerateInvoicesPage.class.php, (37) HomePage.class.php, (38) InactiveAccountsPage.class.php, (39) IPManagerPage.class.php, (40) LoginPage.class.php, (41) LogPage.class.php, (42) ModulesPage.class.php, (43) NewAccountPage.class.php, (44) NewDomainServicePage.class.php, (45) NewProductPage.class.php, (46) OutstandingInvoicesPage.class.php, (47) PendingAccountsPage.class.php, (48) PendingOrdersPage.class.php, (49) PrintInvoicePage.class.php, (50) ProductsPage.class.php, (51) RegisterDomainPage.class.php, (52) RegisteredDomainsPage.class.php, (53) ServersPage.class.php, (54) ServicesHostingServicesPage.class.php, (55) ServicesNewHostingPage.class.php, (56) ServicesPage.class.php, (57) ServicesWebHostingPage.class.php, (58) SettingsPage.class.php, (59) TaxesPage.class.php, (60) TransferDomainPage.class.php, (61) ViewAccountPage.class.php, (62) ViewDomainServicePage.class.php, (63) ViewHostingServicePage.class.php, (64) ViewInvoicePage.class.php, (65) ViewLogMessagePage.class.php, (66) ViewOrderPage.class.php, (67) ViewProductPage.class.php, (68) ViewServerPage.class.php, (69) WelcomeEmailPage.class.php; and (70) modules/RegistrarModule.class.php, (71) modules/SolidStateModule.class.php, (72) modules/authorizeaim/authorizeaim.class.php, and (73) modules/authorizeaim/pages/AAIMConfigPage.class.php.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Kacper · text · webapps · php
https://www.exploit-db.com/exploits/2413

Scores

EPSS 0.1104
EPSS Percentile 93.5%

Details

Status published
Products (1)
solidstate/solidstate < 0.4
Published Sep 27, 2006
Tracked Since Feb 18, 2026