PHP remote file inclusion vulnerability in Ad Manager Pro 2.6 allows remote attackers to execute arbitrary PHP code via a URL in the (1) ipath parameter in common.php and (2) unspecified vectors in ad.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.116
EPSS Ranking 93.3%