Vulnerabilities (CVE)

Filtered by vendor Phpletter Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-4825 3 Phpletter, Phpmyfaq, Tinymce 3 Ajax File And Image Manager, Phpmyfaq, Tinymce 2024-11-21 7.5 HIGH N/A
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.