Multiple PHP remote file inclusion vulnerabilities in depouilg.php3 in Stephane Pineau VOTE 1c allow remote attackers to execute arbitrary PHP code via a URL in the (1) NomVote and (2) FilePalHex parameters.Referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/36047http://www.securityfocus.com/bid/25335http://www.securityfocus.com/archive/1/476672/100/0/threaded
