Ajax File And Image Manager 'data.php' PHP Code Injection Vulnerability Network Vulnerability

Summary

Ajax File and Image Manager is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to inject and execute arbitrary PHP code in the context of the affected application. This may facilitate a compromise of the application and the underlying system other attacks are also possible. Ajax File and Image Manager 1.0 is vulnerable other versions may also be affected.

References

http://www.phpletter.com/
http://www.securityfocus.com/bid/50523

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-4825

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

AIOCP 'cp_html2xhtmlbasic.php' Remote File Inclusion Vulnerability
Apache Tomcat Windows Installer Privilege Escalation Vulnerability
Apache Struts2 Showcase Skill Name Remote Code Execution Vulnerability
Assesi 'bg' Parameter SQL Injection vulnerability
ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability