CVE-2009-4739

PHP remote file inclusion vulnerability in index.php in SkaDate Dating allows remote attackers to execute arbitrary PHP code via a URL in the language_id parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via directory traversal sequences.

Date published : 2010-03-26

http://www.securityfocus.com/bid/35813

http://www.exploit-db.com/exploits/9260