CVE-2006-5904 - Overwhelming Mill
Description
Multiple PHP remote file inclusion vulnerabilities in MWChat Pro 7.0 allow remote attackers to execute arbitrary PHP code via a URL in the CONFIG[MWCHAT_Libs] parameter to (1) about.php (2) buddy.php (3) chat.php (4) dialog.php (5) head.php (6) help.php (7) index.php and (8) license.php different vectors than CVE-2005-1869.
Reference
http://securityreason.com/securityalert/1849 http://www.securityfocus.com/archive/1/450693/100/0/threaded