CVE-2008-5949

Multiple PHP remote file inclusion vulnerabilities in ccTiddly 1.7.4 and 1.7.6 allow remote attackers to execute arbitrary PHP code via a URL in the cctbase parameter to 1 index.php; 2 handle/proxy.php; 3 header.php, 4 include.php, and 5 workspace.php in includes/; and 6 plugins/RSS/files/rss.php...