CVE-2006-4423

Multiple PHP remote file inclusion vulnerabilities in Bigace 1.8.2 allow remote attackers to execute arbitrary PHP code via a URL in the 1 GLOBALSBIGACEDIRadmin parameter in a system/command/admin.cmd.php, b admin/include/uploadform.php, and c admin/include/itemmain.php; and the 2...