CVE-2011-4825

Published: 15/12/2011 Updated: 15/12/2011
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 780
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager prior to 1.1, as used in tinymce prior to 1.4.2, phpMyFAQ 2.6 prior to 2.6.19 and 2.7 prior to 2.7.1, and possibly other products, allows remote malicious users to inject arbitrary PHP code into data.php via crafted parameters.

Vulnerable Product

phpletter ajax file and image manager 1.0

phpletter ajax file and image manager 0.5.7

phpletter ajax file and image manager 0.5.5

phpletter ajax file and image manager 0.5

phpletter ajax file and image manager

phpmyfaq phpmyfaq 2.7.0

phpmyfaq phpmyfaq 2.6.10

phpmyfaq phpmyfaq 2.6.5

phpmyfaq phpmyfaq 2.6.4

phpmyfaq phpmyfaq 2.6.3

phpletter ajax file and image manager 0.9

phpletter ajax file and image manager 0.7.10

phpletter ajax file and image manager 0.6.12

phpmyfaq phpmyfaq 2.6.18

phpmyfaq phpmyfaq 2.6.16

phpmyfaq phpmyfaq 2.6.8

phpmyfaq phpmyfaq 2.6.6

phpmyfaq phpmyfaq 2.6.2

phpmyfaq phpmyfaq 2.6.0

phpletter ajax file and image manager 0.8.24

phpletter ajax file and image manager 0.8.9

phpletter ajax file and image manager 0.8.8

phpletter ajax file and image manager 0.8

phpmyfaq phpmyfaq 2.6.14

phpmyfaq phpmyfaq 2.6.13

phpmyfaq phpmyfaq 2.6.12

phpmyfaq phpmyfaq 2.6.11

phpletter ajax file and image manager 0.7.8

phpletter ajax file and image manager 0.6

phpmyfaq phpmyfaq 2.6.17

phpmyfaq phpmyfaq 2.6.15

phpmyfaq phpmyfaq 2.6.9

phpmyfaq phpmyfaq 2.6.7

phpmyfaq phpmyfaq 2.6.1

tinymce tinymce

Exploits

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking ...
<?php /* +-----------------------------------------------------------+ + Log1CMS 20(ajax_create_folderphp) Remote Code Execution + +-----------------------------------------------------------+ Web-App : Log1CMS 20 Vendor : log1cmssourceforgenet/ Vulnerability : Remote Code Execution Author : Adel SBM Websi ...
<?php /* -------------------------------------------------------------------- aidiCMS v355 (ajax_create_folderphp) Remote Code Execution Exploit -------------------------------------------------------------------- author: Egidio Romano aka EgiX mail: n0b0d13s[at]gmail[dot]com software lin ...
<?php /* -------------------------------------------------------------------------- Zenphoto <= 1414 (ajax_create_folderphp) Remote Code Execution Exploit -------------------------------------------------------------------------- author: Egidio Romano aka EgiX mail: n0b0d13s[at]gmail[dot ...
<?php /* ------------------------------------------------------------------------ phpMyFAQ <= 270 (ajax_create_folderphp) Remote Code Execution Exploit ------------------------------------------------------------------------ author: Egidio Romano aka EgiX mail: n0b0d13s[at]gmail[dot]com ...
-------------------------------------------------------------------------- Ajax File and Image Manager v10 Final Remote Code Execution Vulnerability -------------------------------------------------------------------------- author: Egidio Romano aka EgiX mail: n0b0d13s[at]gmail[dot]com software link: http ...