Artekopia Netjuke before 1.0 b7 allows remote attackers to execute arbitrary code on the web server, possibly via the section parameter, which is passed to an eval call.
https://exchange.xforce.ibmcloud.com/vulnerabilities/8101
http://www.securityfocus.com/bid/3988
http://sourceforge.net/tracker/index.php?func=detail&aid=507312&group_id=42076&atid=432052