PHP remote file inclusion vulnerability in include/user.php in the NoBoard BETA module for MKPortal allows remote attackers to execute arbitrary PHP code via a URL in the MK_PATH parameter.Referenceshttps://www.exploit-db.com/exploits/4180https://exchange.xforce.ibmcloud.com/vulnerabilities/35426http://osvdb.org/36265
