CVE-2006-5020

critical

Description

Multiple PHP remote file inclusion vulnerabilities in SolidState 0.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the base_path parameter in manager/pages/ scripts including (1) AccountsPage.class.php, (2) AddInvoicePage.class.php, (3) AddIPAddressPage.class.php, (4) AddPaymentPage.class.php, (5) AddTaxRulePage.class.php, (6) AssignDomainPage.class.php, (7) AssignHostingPage.class.php, (8) AssignProductPage.class.php, (9) BillingPage.class.php, (10) BillingPaymentPage.class.php, (11) BrowseAccountsPage.class.php, (12) BrowseInvoicesPage.class.php, (13) ConfigureEditUserPage.class.php, (14) ConfigureNewUserPage.class.php, (15) ConfigureNewUserReceiptPage.class.php, (16) ConfigureUsersPage.class.php, (17) DeleteAccountPage.class.php, (18) DeleteDomainServicePage.class.php, (19) DeleteHostingServicePage.class.php, (20) DeleteInvoicePage.class.php, (21) DeleteProductPage.class.php, (22) DeleteServerPage.class.php, (23) DomainServicesPage.class.php, (24) DomainsPage.class.php, (25) EditAccountPage.class.php, (26) EditDomainPage.class.php, (27) EditDomainServicePage.class.php, (28) EditHostingServicePage.class.php, (29) EditPaymentPage.class.php, (30) EditProductPage.class.php, (31) EditServerPage.class.php, (32) EmailInvoicePage.class.php, (33) ExecuteOrderPage.class.php, (34) ExpiredDomainsPage.class.php, (35) FulfilledOrdersPage.class.php, (36) GenerateInvoicesPage.class.php, (37) HomePage.class.php, (38) InactiveAccountsPage.class.php, (39) IPManagerPage.class.php, (40) LoginPage.class.php, (41) LogPage.class.php, (42) ModulesPage.class.php, (43) NewAccountPage.class.php, (44) NewDomainServicePage.class.php, (45) NewProductPage.class.php, (46) OutstandingInvoicesPage.class.php, (47) PendingAccountsPage.class.php, (48) PendingOrdersPage.class.php, (49) PrintInvoicePage.class.php, (50) ProductsPage.class.php, (51) RegisterDomainPage.class.php, (52) RegisteredDomainsPage.class.php, (53) ServersPage.class.php, (54) ServicesHostingServicesPage.class.php, (55) ServicesNewHostingPage.class.php, (56) ServicesPage.class.php, (57) ServicesWebHostingPage.class.php, (58) SettingsPage.class.php, (59) TaxesPage.class.php, (60) TransferDomainPage.class.php, (61) ViewAccountPage.class.php, (62) ViewDomainServicePage.class.php, (63) ViewHostingServicePage.class.php, (64) ViewInvoicePage.class.php, (65) ViewLogMessagePage.class.php, (66) ViewOrderPage.class.php, (67) ViewProductPage.class.php, (68) ViewServerPage.class.php, (69) WelcomeEmailPage.class.php; and (70) modules/RegistrarModule.class.php, (71) modules/SolidStateModule.class.php, (72) modules/authorizeaim/authorizeaim.class.php, and (73) modules/authorizeaim/pages/AAIMConfigPage.class.php.

References

https://www.exploit-db.com/exploits/2413

https://exchange.xforce.ibmcloud.com/vulnerabilities/29095

http://www.solid-state.org/index.php?name=PNphpBB2&file=portal&article=1

http://www.securityfocus.com/bid/21934

http://www.osvdb.org/31203

http://www.osvdb.org/31202

http://www.osvdb.org/31201

http://www.osvdb.org/31200

http://www.osvdb.org/31199

http://www.osvdb.org/31198

http://www.osvdb.org/31197

http://www.osvdb.org/31194

http://www.osvdb.org/31193

http://www.osvdb.org/31192

http://www.osvdb.org/31191

http://www.osvdb.org/31190

http://www.osvdb.org/31147

http://www.osvdb.org/31146

http://www.osvdb.org/31145

http://www.osvdb.org/31144

http://www.osvdb.org/31143

http://www.osvdb.org/31142

http://www.osvdb.org/31141

http://www.osvdb.org/31139

http://www.osvdb.org/31138

http://www.osvdb.org/31137

http://www.osvdb.org/31136

http://www.osvdb.org/31135

http://www.osvdb.org/31134

http://www.osvdb.org/31133

http://www.osvdb.org/31132

http://www.osvdb.org/31131

http://www.osvdb.org/31130

http://www.osvdb.org/31129

http://www.osvdb.org/31128

http://www.osvdb.org/31127

http://www.osvdb.org/31126

http://www.osvdb.org/31125

http://www.osvdb.org/31124

http://www.osvdb.org/31123

http://www.osvdb.org/31122

http://www.osvdb.org/31121

http://www.osvdb.org/31120

http://www.osvdb.org/31119

http://www.osvdb.org/31118

http://www.osvdb.org/31117

http://www.osvdb.org/31116

http://www.osvdb.org/31115

http://www.osvdb.org/31114

http://www.osvdb.org/31113

http://www.osvdb.org/31112

http://www.osvdb.org/31111

http://www.osvdb.org/31110

http://www.osvdb.org/31109

http://www.osvdb.org/31108

http://www.osvdb.org/31107

http://www.osvdb.org/31106

http://www.osvdb.org/31105

http://www.osvdb.org/31104

http://www.osvdb.org/31100

http://www.osvdb.org/31099

http://www.osvdb.org/31098

http://www.osvdb.org/31097

http://attrition.org/pipermail/vim/2007-January/001210.html

Details

Source: Mitre, NVD

Published: 2006-09-27

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.07544