XML-RPC for PHP allows access to local files via malicious argument to the Client::send method

Abusing the $method argument of Client::send, it was possible to force the client to access local files or connect to undesired urls instead of the intended target server's url the one used in the Client constructor. This weakness only affects installations where all the following conditions appl...