RSS   Vulnerabilities for 'Ajax file and image manager'   RSS

2011-12-14
 
CVE-2011-4825

CWE-94
 

 
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.

 


Copyright 2024, cxsecurity.com

 

Back to Top