CVE-2006-2929
PHP remote file inclusion vulnerability in contrib/forms/evaluation/CFormEvaluation.class.php in OpenEMR 2.8.1 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSfileroot parameter...