PHP remote file inclusion vulnerability in manager/static/view.php in phpRealty 0.03 and earlier, and possibly other versions before 0.05, allows remote attackers to execute arbitrary PHP code via a URL in the INC parameter.

More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4134)