For fixing only the critical security bug, there is a patch available
on http://downloads.sourceforge.net/ispcp/ispcp-omega-1.0.0-rc2-security-patch.txt
With the next command you can install the patch:
patch -cl -d /var/www/ispcp < /path/to/ispcp-omega-1.0.0-rc2-security-patch.txt
To manually fix the security bug add the following line above in the
file /var/www/ispcp/gui/include/sql.php immediately below the
commented text (around line 20):
$include_path = realpath(dirname(__FILE__));
We thank Raphael to reporting this security bug and we hope everyone
using ispCP Omega will patch this bug.