CVE-2006-5123
PHProjekt 5.1.x before 5.1.2 has multiple PHP remote file inclusion vulnerabilities. An attacker can trigger arbitrary PHP code execution by supplying a URL in the lib_path or lang_path parameters (across unspecified files). A related CVE-2006-4609 variant notes the issue in the Content Manager (...