CVE-2006-4531

Vulnerability: PHP remote file inclusion in Pheap CMS 1.1 and earlier. Product: Pheap CMS, file lib/config.php; vector: lpref parameter taking a URL to include, enabling remote PHP code execution. Impact: potential arbitrary PHP execution on affected installations. Root cause: unsafely including ...