CVE-2006-0755

The provided text describes a remote file inclusion vulnerability in Dotproject, where unsanitized user input in the 'baseDir' parameter allows arbitrary remote file inclusion. This can lead to remote code execution in the context of the webserver process.

The provided text describes a remote file inclusion vulnerability in Dotproject, where unsanitized user input in the 'baseDir' parameter of 'session.php' allows arbitrary remote file inclusion. This can lead to remote code execution in the context of the webserver process.

The provided text describes a remote file inclusion vulnerability in Dotproject, where unsanitized user input in the 'baseDir' parameter allows arbitrary remote file inclusion. No actual exploit code is present, only a description and example URL.

This is a writeup describing a Remote File Inclusion (RFI) vulnerability in dotProject <= 2.1.6. The vulnerability exists in the `gantt.php` file due to improper handling of the `dPconfig[root_dir]` parameter, allowing remote file inclusion when `allow_url_include` and `register_globals` are enabled.

The provided text describes a remote file inclusion vulnerability in Dotproject, where unsanitized user input in the 'dPconfig[root_dir]' parameter allows arbitrary remote file inclusion. This can lead to remote code execution in the context of the webserver process.

The provided text describes a remote file inclusion vulnerability in Dotproject, where unsanitized user input in the 'baseDir' parameter of 'gantt.php' allows arbitrary remote file inclusion. This can lead to remote code execution in the context of the webserver process.

The code describes a remote file inclusion vulnerability in Dotproject due to improper input sanitization. An attacker can exploit this to execute arbitrary PHP code by including a remote file via the 'dPconfig[root_dir]' parameter.

The provided text describes a remote file inclusion vulnerability in Dotproject, where unsanitized user input in the 'baseDir' parameter of calendar.php allows arbitrary remote file inclusion. This can lead to remote code execution in the context of the webserver process.

The provided text describes a remote file inclusion vulnerability in Dotproject, where unsanitized user input allows an attacker to include arbitrary remote files containing malicious PHP code. The example URL demonstrates the vulnerable parameter 'baseDir' in the 'vw_usr_roles.php' module.

The provided text describes a remote file inclusion vulnerability in Dotproject, where unsanitized user input in the 'dPconfig[root_dir]' parameter allows arbitrary remote file inclusion. No actual exploit code is present, only a description and example URL.