CVE-2007-2364
Affected software. BurnCMS 0.2 and earlier. Vulnerability. Multiple PHP remote file inclusion vulnerabilities allow arbitrary PHP code execution when a URL is provided in the root parameter to (1) lib/db/mysql.class.php or (2) lib/db/postgres.class.php, or (3) lib/authuser.php, (4) lib/misc.php, ...