PHP remote file inclusion vulnerability in themes/default/include/html/insert.inc.php in OpenRat 0.8-beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the tpl_dir parameter.
Publication date: Fri, 06 Mar 2009 17:30:00 +0000