Описание
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | code-not-present |
| hardy | not-affected | code-not-present |
| lucid | not-affected | code-not-present |
| maverick | not-affected | code-not-present |
| natty | not-affected | code-not-present |
| oneiric | not-affected | code-not-present |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | code-not-present |
| hardy | DNE | |
| lucid | not-affected | code-not-present |
| maverick | not-affected | code-not-present |
| natty | not-affected | code-not-present |
| oneiric | not-affected | code-not-present |
| upstream | needs-triage |
Показывать по
Ссылки на источники
7.5 High
CVSS2
Связанные уязвимости
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.
7.5 High
CVSS2