CVE-2009-4666
Webradev Download Protect 1.0 contains multiple PHP remote file inclusion vulnerabilities. The flaw allows an attacker to cause arbitrary PHP code execution by supplying a crafted URL via the GLOBALS[RootPath] parameter targeting files in includes/DProtect/, specifically Framework/EmailTemplates....