Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONFapproot parameter to 1 tcuser.class.php, 2 absencecount.inc.php, 3 avatar.inc.php, 4 csvhandler.class.php, 5 functions.tcpro.php, 6...