Actualscripts

Actualanalyzer

2 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2014-5470

  • EPSS 74.34%
  • Published 21.06.2024 22:15:10
  • Last modified 21.11.2024 02:12:07

Actual Analyzer through 2014-08-29 allows code execution via shell metacharacters because untrusted input is used for part of the input data passed to an eval operation.

7.5

CVE-2006-1959

  • EPSS 16.89%
  • Published 21.04.2006 10:02:00
  • Last modified 03.04.2025 01:03:51

PHP remote file inclusion vulnerability in direct.php in ActualScripts ActualAnalyzer Lite 2.72 and earlier, Gold 7.63 and earlier, and Server 8.23 and earlier allows remote attackers to execute arbitrary code via a URL in the rf parameter.