Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5a allow remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) news.php, (2) search.php, or (3) whosOnline.php.Referenceshttp://securityreason.com/securityalert/1315http://securitytracker.com/id?1016557http://www.osvdb.org/28675http://securitytracker.com/id?1016558http://www.osvdb.org/28676http://www.securityfocus.com/archive/1/440875/100/100/threadedhttp://www.osvdb.org/28674http://www.securityfocus.com/bid/19095http://www.securityfocus.com/archive/1/440839/100/100/threadedhttps://exchange.xforce.ibmcloud.com/vulnerabilities/27905
