PHP remote file inclusion vulnerability in moteur/moteur.php in Prologin.fr Freenews 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter.