PHP remote file inclusion vulnerability in index.php in Php-Nuke 6.x through 7.3 allows remote attackers to execute arbitrary PHP code by modifying the modpath parameter to reference a URL on a remote web server that contains the code.
https://exchange.xforce.ibmcloud.com/vulnerabilities/16218
http://marc.info/?l=bugtraq&m=108482888621896&w=2
http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0870.html