Unrated severityNVD Advisory· Published Aug 18, 2006· Updated Apr 16, 2026
CVE-2006-4234
CVE-2006-4234
Description
PHP remote file inclusion vulnerability in classes/query.class.php in dotProject 2.0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter.
Affected products
4cpe:2.3:a:dotproject:dotproject:2.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:dotproject:dotproject:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:dotproject:dotproject:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:dotproject:dotproject:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:dotproject:dotproject:2.0.4:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4News mentions
0No linked articles in our index yet.