CVE-2005-0632 - Lardaceous Tapanuli Orang utan
Description
PHP remote file inclusion vulnerability in auth.php in PHPNews 1.2.4 and possibly 1.2.3 allows remote attackers to execute arbitrary PHP code via the path parameter.
Reference
http://www.securityfocus.com/bid/12696 http://securitytracker.com/id?1013345 http://secunia.com/advisories/14449 http://marc.info/?l=bugtraq&m=110989169008570&w=2 http://marc.info/?l=bugtraq&m=110971663824719&w=2