CVE-2009-3705

PHP remote file inclusion vulnerability in debugger.php in Achievo before 1.4.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter.

Date published : 2009-10-16

http://www.achievo.org/download/releasenotes/1_4_0

http://packetstormsecurity.org/0909-exploits/achievo134-rfi.txt