mahmood ali wrote:
> phpLedAds 2.0(dir) File Include
> Vulnerable Code:_
>
> click.php & ledad.php & ledad_js.php
> In Line 41 :_
>
> require_once($dir . '/ad_class.php');
Right above that:
$dir = dirname(__FILE__);
if(empty($dir)) {
$dir = getcwd( );
}
if(empty($dir)) {
$dir = '.';
}
So, this is once again a case of LUGCS (Lame Usage of Google Code Search).
Flag as bogus, please...
(Gadi, how right are you...)
Stefano
