Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
phpMyFAQ Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2011-4825 - Vulnerability Database
phpMyFAQ

phpMyFAQ Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2011-4825

High
Reference: CVE-2011-4825
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2011-4825
Title: phpMyFAQ Improper Control of Generation of Code (Code Injection) Vulnerability
Overview:

Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1 as used in tinymce before 1.4.2 phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1 and possibly other products allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.