CVE-2009-4319
CVE-2009-4319 describes a PHP remote file inclusion in eoCMS (version 0.9.03 and earlier) via js/bbcodepress/bbcode-form.php. The flaw occurs when register_globals is enabled and allows an attacker to execute arbitrary PHP code by supplying a URL in the BBCODE_path parameter. The available source...