CVE-2011-4825
N/A
N/A
Summary
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.zenphoto.org/trac/ticket/2005
- http://www.phpmyfaq.de/advisory_2011-10-25.php
- http://www.phpletter.com/en/DOWNLOAD/1/
- http://www.securityfocus.com/bid/50523
- http://www.exploit-db.com/exploits/18075
References
- http://www.zenphoto.org/trac/ticket/2005
- http://www.phpmyfaq.de/advisory_2011-10-25.php
- http://www.phpletter.com/en/DOWNLOAD/1/
- http://www.securityfocus.com/bid/50523
- http://www.exploit-db.com/exploits/18075
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.