CVE-2006-7194
The CVE describes a PHP remote file inclusion in Agora 1.4 RC1 (MysqlfinderAdmin.php) where enabling register_globals allows an attacker to execute arbitrary PHP code via a URL in the _SESSION[PATH_COMPOSANT] parameter. This is a server-side code execution risk exposed through a local file inclus...