PHP remote file inclusion vulnerability in al_initialize.php for AutoLinks Pro 2.1 allows remote malicious users to execute arbitrary PHP code via an "ftp://" URL in the alpath parameter, which bypasses the incomplete blacklist that only checks for "http" and "https" URLs.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
autolinks autolinks 2.1 |