mahmood ali wrote: > phpLedAds 2.0(dir) File Include > Vulnerable Code:_ > > click.php & ledad.php & ledad_js.php > In Line 41 :_ > > require_once($dir . '/ad_class.php'); Right above that: $dir = dirname(__FILE__); if(empty($dir)) { $dir = getcwd( ); } if(empty($dir)) { $dir = '.'; } So, this is once again a case of LUGCS (Lame Usage of Google Code Search). Flag as bogus, please... (Gadi, how right are you...) Stefano