CVE-2009-4224
The CVE affects SweetRice versions 0.5.4, 0.5.3 and earlier. It describes PHP remote file inclusion via a URL supplied in the root_dir parameter to two paths: _plugin/subscriber/inc/post.php and as/lib/news_modify.php, allowing arbitrary PHP code execution on affected systems. The connected docum...