CVE-2006-4671

PHP remote file inclusion vulnerability in headlines.php in Fantastic News 2.1.4, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[script_path] parameter, a different vector than CVE-2006-1154.

Date published : 2006-09-11

http://www.securityfocus.com/bid/21796

https://www.exploit-db.com/exploits/3027