Retired: AllMyLinks Index.PHP Remote File Include Vulnerability

AllMyLinks is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

AllMyLinks 0.5.0 is vulnerable; other versions may also be affected.

NOTE: Further analysis reveals that the reported script is not vulnerable to remote file includes due to security measures present in the script. Therefore this BID is being retired.


 

Privacy Statement
Copyright 2010, SecurityFocus