There are many methods to exploit Local File Inclusion (LFI) of a vulnerability PHP web application in Linux systems. Some of them are invalid in the latest version of Linux distributions, I think. For example, those methods are processes injection, log files injection, session files injection and etc.
Unfortunately, in my recently research, I find out that PHP session files of CentOS 6.3 (maybe applied for previous versions) in default settings can be injected and loaded. However, Ubuntu 12.04 cannot. (Remarks : I did not check the other Linux distributions for this research.)
When the PHP session files can be injected and loaded along with LFI vulnerability, a remote shell can be obtained by attackers.
Basically, CentOS is a clone of RedHat Enterprise Linux.
Reference : Web vulnerabilities to gain access to the system
That's all! See you.