PHP remote file inclusion vulnerability in CaLogic 1.2.2 allows remote attackers to execute arbitrary code via the CLPATH parameter to (1) cl_minical.php, (2) clmcpreload.php, (3) mcconfig.php, or (4) mcpi-demo.php.Referenceshttp://secunia.com/advisories/16090http://www.securityfocus.com/bid/14296http://www.calogic.de/modules/newbb/viewtopic.php?topic_id=333&forum=7http://www.albaniafuckgreece.org/adviso/calogic.txt
