PHP remote file inclusion vulnerability in common.inc.php in PgMarket 2.2.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the CFG[libdir] parameter.Referenceshttp://www.securityfocus.com/bid/19439http://securityreason.com/securityalert/1375http://www.securityfocus.com/archive/1/442684/100/0/threadedhttp://www.vupen.com/english/advisories/2006/3240https://exchange.xforce.ibmcloud.com/vulnerabilities/28290
