PHP remote file inclusion vulnerability in ListRecords.php in osprey 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the lib_dir parameter.Referenceshttp://securityreason.com/securityalert/2042http://www.securityfocus.com/archive/1/448903/100/0/threaded
