PHP remote file inclusion vulnerability in slideshow_uploadvideo.content.php in SharedLog, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[root_dir] parameter.

More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6486)