Multiple PHP remote file inclusion vulnerabilities in index.php in Dayfox Blog allow remote attackers to execute arbitrary PHP code via a URL in the (1) page, (2) subject, and (3) q parameters.Referenceshttp://secunia.com/advisories/23661http://www.vupen.com/english/advisories/2007/0099http://www.securityfocus.com/archive/1/456212/100/0/threadedhttp://osvdb.org/31259http://securityreason.com/securityalert/2117https://exchange.xforce.ibmcloud.com/vulnerabilities/31336
