A vulnerability has been identified in I-Rater Platinum, which may be exploited by attackers to execute arbitrary commands. This flaw is due to input validation errors in the "include/common.php" and "admin/config_settings.tpl.php" scripts that do not validate the "include_path" variable, which could be exploited by remote attackers to include malicious scripts and execute arbitrary commands with the privileges of the web server.
