CVE-2006-5255
The CVE affects gCards 1.13, where addnews.php accepts a URL in the languagefile parameter, enabling a PHP remote file inclusion that could execute arbitrary code. The root cause is the handling of languagefile in addnews.php; a note in sources mentions that languageFile is defined before use, wh...