CVE-2006-4065
CVE-2006-4065 concerns PHP remote file inclusion in Dmitry Sheiko SAPID Gallery 1.0 and earlier. Vulnerability arises when an attacker crafts a URL parameter to cause inclusion of arbitrary PHP code: (1) root_path to usr/extensions/get_calendar.inc.php or (2) GLOBALS[root_path] to usr/extensions/...