include virtual is the currently accepted way of including CGI content with SSI. Looking at my own test case, though, I see that Apache isn't populating the QUERY_STRING as expected... the query string is only available in QUERY_STRING_UNESCAPED as the author mentioned.

Update: Reading through the Apache documentation, it looks like include virtual calls the CGI with whatever parameters you include in the SSI tag (which could include SSI variables, such as ${QUERY_STRING}. exec cgi seems to call the CGI with the environment of the requested parsed page.

--isotope
http://www.skylab.org/~isotope/