PHP local file inclusion vulnerability in index.php in IDevspot iSupport 1.8 allows remote attackers to include local files via the include_file parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/39184
http://www.securityfocus.com/archive/1/485392/100/0/threaded