CVE-2006-6710
Multiple PHP remote file inclusion vulnerabilities affect PgmReloaded 0.8.5 and earlier. An attacker can cause arbitrary PHP code execution by supplying URLs to (a) lang in index.php, (b) CFG[libdir] and CFG[localedir] in common.inc.php, and (c) CFG[localelangdir] in form_header.php. Root cause i...