PHP remote file inclusion vulnerability in lang.php in SPiD before 1.3.1 allows remote attackers to execute arbitrary code via the lang_path parameter.Referenceshttp://secunia.com/advisories/16022http://www.securityfocus.com/bid/14208http://securitytracker.com/id?1014437http://spid.adnx.net/index_en.html#log
