PHP remote file inclusion vulnerability in templates/Official/part_userprofile.php in Connectix Boards 0.8.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the template_path parameter.

More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0502)