CVE-2006-2881
Multiple PHP remote file inclusion vulnerabilities in DreamAccount 3.1 and earlier, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the dapath parameter in the 1 auth.cookie.inc.php, 2 auth.header.inc.php, or 3 auth.sessions.inc.php scripts...