CVE-2011-5147 in FreeWebshopinformazioni

Riassunto

di MITRE

Static code injection vulnerability in ajax_save_name.php in the Ajax File Manager module in the tinymce plugin in FreeWebshop 2.2.9 R2 and earlier allows remote attackers to inject arbitrary PHP code into data.php via the selected document, as demonstrated by a call to ajax_file_cut.php and then to ajax_save_name.php.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

31/08/2012

Divulgazione

31/08/2012

Moderazione

accettato

Voce

VDB-61983

CPE

pronto

CWE

CWE-94 (confermato)

Sfruttamento

Scaricare

CVSS

5.0 (NVD)

EPSS

0.02288

KEV

Attività

molto basso

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-5147
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-5147
CVE Details	https://www.cvedetails.com/cve/CVE-2011-5147/

◂ Precedente Visione D'ensemble Il prossimo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!