PHP remote file inclusion vulnerability in modules.php in eXPerience2 allows remote attackers to execute arbitrary PHP code by modifying the file parameter to reference a URL on a remote web server that contains the code.Referenceshttp://marc.info/?l=bugtraq&m=111030766324600&w=2
