CVE-2005-2782

Name of the Vulnerable Software and Affected Versions AutoLinks Pro version 2.1

Description The issue allows remote attackers to execute arbitrary PHP code via an "ftp://" URL in the alpath parameter. This is possible because the blacklist only checks for "http" and "https" URLs, allowing other types of URLs to bypass the check.

Recommendations For AutoLinks Pro version 2.1, consider restricting access to the al initialize.php file or the alpath parameter to minimize the risk of exploitation until a proper fix is available. Avoid using the alpath parameter with untrusted input.