CVE-2009-0970
PHP Pro Bid 6.05 contains a remote file inclusion vulnerability in includes/class_image.php that is exploitable when register_globals is enabled. An attacker can supply a URL in the fileExtension parameter to cause the remote code to be executed (arbitrary PHP code). The description comes from CV...