CVE-2009-0444
GRBoard 1.8 is vulnerable to multiple PHP remote file inclusion attacks when register_globals is on and magic_quotes_gpc is off. The flaw allows an attacker-controlled URL parameter (theme) to cause arbitrary PHP code execution via various theme-related scripts (e.g., 179_squarebox_*/view.php) an...