CVE-2006-4234

2006-08-1819:55:00

mitre

www.cve.org

AI Score

7.6

Confidence

High

EPSS

0.056

Percentile

93.3%

JSON

PHP remote file inclusion vulnerability in classes/query.class.php in dotProject 2.0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter.

References

www.securityfocus.com/bid/19547

www.vupen.com/english/advisories/2006/3297

exchange.xforce.ibmcloud.com/vulnerabilities/28401

www.exploit-db.com/exploits/2191