Family: CGI abuses --> Category: attack
AutoLinks Pro alpath Parameter File Include Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks for alpath parameter file include vulnerability in AutoLinks Pro
Detailed Explanation for this Vulnerability Test
The remote web server contains a PHP script that suffers from a remote
file include flaw.
The remote host is running AutoLinks Pro, a commercial link management
The version of AutoLinks Pro installed on the remote host allows
attackers to control the 'alpath' parameter used when including PHP
code in the 'al_initialize.php' script. By leveraging this flaw, an
unauthenticated attacker is able to view arbitrary files on the remote
host and to execute arbitrary PHP code, possibly taken from third-
Unknown at this time.
Medium / CVSS Base Score : 6
Click HERE for more information and discussions on this network vulnerability scan.