PHP remote file inclusion vulnerability in spip_login.php3 in SPIP 1.8.3 allows remote malicious users to execute arbitrary PHP code via a URL in the url parameter.
source: wwwsecurityfocuscom/bid/17423/info
SPIP is prone to a remote file-include vulnerability This issue is due to a failure in the application to properly sanitize user-supplied input
An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver pr ...