Vulnerability Monitor

CVE-2011-4825


Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.


Published

2011-12-15T03:57:34.667

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

10.0

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-94

Affected Vendors & Products
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | phpletter | ajax_file_and_image_manager | ≤ 1.0 | Yes |
| Application | phpletter | ajax_file_and_image_manager | 0.5 | Yes |
| Application | phpletter | ajax_file_and_image_manager | 0.5.5 | Yes |
| Application | phpletter | ajax_file_and_image_manager | 0.5.7 | Yes |
| Application | phpletter | ajax_file_and_image_manager | 0.6 | Yes |
| Application | phpletter | ajax_file_and_image_manager | 0.6.12 | Yes |
| Application | phpletter | ajax_file_and_image_manager | 0.7.8 | Yes |
| Application | phpletter | ajax_file_and_image_manager | 0.7.10 | Yes |
| Application | phpletter | ajax_file_and_image_manager | 0.8 | Yes |
| Application | phpletter | ajax_file_and_image_manager | 0.8.8 | Yes |
| Application | phpletter | ajax_file_and_image_manager | 0.8.9 | Yes |
| Application | phpletter | ajax_file_and_image_manager | 0.8.24 | Yes |
| Application | phpletter | ajax_file_and_image_manager | 0.9 | Yes |
| Application | phpletter | ajax_file_and_image_manager | 1.0 | Yes |
| Application | phpletter | ajax_file_and_image_manager | 1.0 | Yes |
| Application | phpletter | ajax_file_and_image_manager | 1.0 | Yes |
| Application | phpletter | ajax_file_and_image_manager | 1.0 | Yes |
| Application | phpletter | ajax_file_and_image_manager | 1.0 | Yes |
| Application | phpletter | ajax_file_and_image_manager | 1.0 | Yes |
| Application | phpletter | ajax_file_and_image_manager | 1.0 | Yes |
| Application | phpmyfaq | phpmyfaq | 2.6.0 | Yes |
| Application | phpmyfaq | phpmyfaq | 2.6.1 | Yes |
| Application | phpmyfaq | phpmyfaq | 2.6.2 | Yes |
| Application | phpmyfaq | phpmyfaq | 2.6.3 | Yes |
| Application | phpmyfaq | phpmyfaq | 2.6.4 | Yes |
| Application | phpmyfaq | phpmyfaq | 2.6.5 | Yes |
| Application | phpmyfaq | phpmyfaq | 2.6.6 | Yes |
| Application | phpmyfaq | phpmyfaq | 2.6.7 | Yes |
| Application | phpmyfaq | phpmyfaq | 2.6.8 | Yes |
| Application | phpmyfaq | phpmyfaq | 2.6.9 | Yes |
| Application | phpmyfaq | phpmyfaq | 2.6.10 | Yes |
| Application | phpmyfaq | phpmyfaq | 2.6.11 | Yes |
| Application | phpmyfaq | phpmyfaq | 2.6.12 | Yes |
| Application | phpmyfaq | phpmyfaq | 2.6.13 | Yes |
| Application | phpmyfaq | phpmyfaq | 2.6.14 | Yes |
| Application | phpmyfaq | phpmyfaq | 2.6.15 | Yes |
| Application | phpmyfaq | phpmyfaq | 2.6.16 | Yes |
| Application | phpmyfaq | phpmyfaq | 2.6.17 | Yes |
| Application | phpmyfaq | phpmyfaq | 2.6.18 | Yes |
| Application | phpmyfaq | phpmyfaq | 2.7.0 | Yes |
| Application | tinymce | tinymce | ≤ 1.4.1 | Yes |

References