Summary
Ajax File and Image Manager is prone to a remote PHP code-injection vulnerability.
An attacker can exploit this issue to inject and execute arbitrary PHP code in the context of the affected application. This may facilitate a compromise of the application and the underlying system other attacks
are also possible.
Ajax File and Image Manager 1.0 is vulnerable
other versions may also
be affected.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2011-4825 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- AV Arcade 'ava_code' Cookie Parameter SQL Injection Vulnerability
- 3Com OfficeConnect VPN Firewall Default Password Security Bypass Vulnerability
- Apple Safari PDF Javascript Security Bypass Bypass Vulnerability
- Assesi 'bg' Parameter SQL Injection vulnerability
- Andy's PHP Knowledgebase 's' Parameter SQL Injection Vulnerability