phpMyFAQ Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2011-4825 - Vulnerability Database

phpMyFAQ Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2011-4825

High
Reference: CVE-2011-4825
Title: phpMyFAQ Improper Control of Generation of Code (Code Injection) Vulnerability
Overview:

Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1 as used in tinymce before 1.4.2 phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1 and possibly other products allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.