CVE-2009-4264 Information

Description

PHP remote file inclusion vulnerability in components/core/connect.php in AROUNDMe 1.1 and earlier when register_globals is enabled allows remote attackers to execute arbitrary PHP code via a URL in the language_path parameter.

Reference

http://secunia.com/advisories/37567 http://www.exploit-db.com/exploits/10329