An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter.Referenceshttps://gist.github.com/RNPG/c1ae240f2acec138132aa64ce3faa2e0