Adel SBM - Security Researcher - Exploit Intelligence Platform

CVE-2011-4825 METASPLOIT ruby WORKING POC

Ajax File and Image Manager < 1.1 - Remote Code Execution via PHP Code Injection in data.php

Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.

View Code

CVE-2011-4825 EXPLOITDB ruby WORKING POC

Ajax File and Image Manager < 1.1 - Remote Code Execution via PHP Code Injection in data.php

Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.

View Code

CVE-2011-4825 EXPLOITDB php WORKING POC

Ajax File and Image Manager < 1.1 - Remote Code Execution via PHP Code Injection in data.php

Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.

View Code