CVE-2006-3042 Information

Description

LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks DISPUTED LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks Multiple PHP remote file inclusion vulnerabilities in ISPConfig 2.2.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) go_info[isp][classes_root] parameter in (a) server.inc.php and the (2) go_info[server][classes_root] parameter in (b) app.inc.php (c) login.php and (d) trylogin.php. NOTE: this issue has been disputed by the vendor who states that the original researcher \reviewed the installation tarball that is not identical with the resulting system after installtion. The file where the $go_info array is declared … is created by the installer.\

Reference

http://securityreason.com/securityalert/1098 http://www.osvdb.org/27474 http://www.securityfocus.com/archive/1/437117/100/0/threaded http://www.securityfocus.com/archive/1/437415/100/100/threaded http://www.securityfocus.com/bid/18441