PHP remote file inclusion vulnerability in includes/tgpinc.php in Gnat-TGP 1.2.20 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.Referenceshttp://www.exploit-db.com/exploits/11621http://www.securityfocus.com/bid/38522https://exchange.xforce.ibmcloud.com/vulnerabilities/56675http://packetstormsecurity.org/1003-exploits/gnattgp-rfi.txt
