CVE-2006-5667
Multiple PHP remote file inclusion vulnerabilities in P-Book 1.17 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the pb_lang parameter to (1) admin.php and (2) pbook.php.
Date published : 2006-11-02
http://www.securityfocus.com/archive/1/449106/100/200/threaded