PHP remote file inclusion vulnerability in index.php in MiniBB Forum 2 allows remote malicious users to execute arbitrary code via a URL in the pathToFiles parameter.
minibb forum 2