Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in phpBG 0.9.1 allow remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter to 1 intern/admin/other/backup.php, 2 intern/admin/, 3 intern/clan/memberadd.php, 4 intern/config/key2.php, or 5 intern/config/forum.php...