CVE-2011-5147 - OpenCVE

Static code injection vulnerability in ajax_save_name.php in the Ajax File Manager module in the tinymce plugin in FreeWebshop 2.2.9 R2 and earlier allows remote attackers to inject arbitrary PHP code into data.php via the selected document, as demonstrated by a call to ajax_file_cut.php and then to ajax_save_name.php.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Freewebshop	Freewebshop

Configuration 1 [-]

OR	cpe:2.3:a:freewebshop:freewebshop::r2::::::*
	cpe:2.3:a:freewebshop:freewebshop:2.1:::::::*
	cpe:2.3:a:freewebshop:freewebshop:2.2.1:::::::*
	cpe:2.3:a:freewebshop:freewebshop:2.2.2:::::::*
	cpe:2.3:a:freewebshop:freewebshop:2.2.3:::::::*
	cpe:2.3:a:freewebshop:freewebshop:2.2.4:::::::*
	cpe:2.3:a:freewebshop:freewebshop:2.2.5:::::::*
	cpe:2.3:a:freewebshop:freewebshop:2.2.6:::::::*
	cpe:2.3:a:freewebshop:freewebshop:2.2.7:::::::*
	cpe:2.3:a:freewebshop:freewebshop:2.2.7_wip1_2:::::::*
	cpe:2.3:a:freewebshop:freewebshop:2.2.9:::::::*

No data.

References

Link	Providers
http://www.exploit-db.com/exploits/18121
http://www.freewebshop.org/forum/index.php?topic=5235.0
http://www.osvdb.org/77162

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2012-08-31T21:00:00Z

Updated: 2024-09-17T01:05:47.681Z

Reserved: 2012-08-31T00:00:00Z

Link: CVE-2011-5147

Vulnrichment

No data.

NVD

Status : Modified

Published: 2012-08-31T21:55:02.480

Modified: 2013-09-12T06:24:58.643

Link: CVE-2011-5147

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Static code injection vulnerability in ajax_save_name.php in the Ajax File Manager module in the tinymce plugin in FreeWebshop 2.2.9 R2 and earlier allows remote attackers to inject arbitrary PHP code into data.php via the selected document, as demonstrated by a call to ajax_file_cut.php and then to ajax_save_name.php."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-08-31T21:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "18121", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/18121"}, {"name": "77162", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/77162"}, {"tags": ["x_refsource_MISC"], "url": "http://www.freewebshop.org/forum/index.php?topic=5235.0"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-5147", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Static code injection vulnerability in ajax_save_name.php in the Ajax File Manager module in the tinymce plugin in FreeWebshop 2.2.9 R2 and earlier allows remote attackers to inject arbitrary PHP code into data.php via the selected document, as demonstrated by a call to ajax_file_cut.php and then to ajax_save_name.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "18121", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/18121"}, {"name": "77162", "refsource": "OSVDB", "url": "http://www.osvdb.org/77162"}, {"name": "http://www.freewebshop.org/forum/index.php?topic=5235.0", "refsource": "MISC", "url": "http://www.freewebshop.org/forum/index.php?topic=5235.0"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:30:44.492Z"}, "title": "CVE Program Container", "references": [{"name": "18121", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/18121"}, {"name": "77162", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/77162"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.freewebshop.org/forum/index.php?topic=5235.0"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-5147", "datePublished": "2012-08-31T21:00:00Z", "dateReserved": "2012-08-31T00:00:00Z", "dateUpdated": "2024-09-17T01:05:47.681Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:freewebshop:freewebshop:*:r2:*:*:*:*:*:*", "matchCriteriaId": "6BE95DB2-BBEE-45AA-94F1-CE35D22A2E01", "versionEndIncluding": "2.2.9", "vulnerable": true}, {"criteria": "cpe:2.3:a:freewebshop:freewebshop:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "83C7CC0D-8F0F-4B87-9A45-98FC9D6571B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:freewebshop:freewebshop:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "AFFFCC14-F5B9-475B-B530-B9DC95D813DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:freewebshop:freewebshop:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "90A38715-6939-4125-AFED-26C20D7A992C", "vulnerable": true}, {"criteria": "cpe:2.3:a:freewebshop:freewebshop:2.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "7E653656-28AA-42D6-B9BE-57975A69C850", "vulnerable": true}, {"criteria": "cpe:2.3:a:freewebshop:freewebshop:2.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0FBDA99A-8058-4F50-8BBA-2F642CFFE294", "vulnerable": true}, {"criteria": "cpe:2.3:a:freewebshop:freewebshop:2.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "457F229C-4CEB-4C7A-9CF0-7C8E07F0ADD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:freewebshop:freewebshop:2.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "7F33949C-8DC9-4E7A-BAA5-177F46673EA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:freewebshop:freewebshop:2.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "D2B519EA-F6CC-4528-BBE7-0C947CDDB485", "vulnerable": true}, {"criteria": "cpe:2.3:a:freewebshop:freewebshop:2.2.7_wip1_2:*:*:*:*:*:*:*", "matchCriteriaId": "0D0EA1D3-1DC4-4902-A52F-FCF73DE826B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:freewebshop:freewebshop:2.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "2E32EE09-A7AD-4853-82E3-9C17D1B391D5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Static code injection vulnerability in ajax_save_name.php in the Ajax File Manager module in the tinymce plugin in FreeWebshop 2.2.9 R2 and earlier allows remote attackers to inject arbitrary PHP code into data.php via the selected document, as demonstrated by a call to ajax_file_cut.php and then to ajax_save_name.php."}, {"lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n de c\u00f3digo est\u00e1tico en ajax_save_name.php del m\u00f3dulo Ajax File Manager del plugin tinymce para FreeWebshop v2.2.9 R2 y anteriores permite a atacantes remotos inyectar c\u00f3digo PHP de su elecci\u00f3n en data.php a trav\u00e9s de un documento elegido, como se ha demostrado por una petici\u00f3n a ajax_file_cut.php y despu\u00e9s a ajax_save_name.php."}], "id": "CVE-2011-5147", "lastModified": "2013-09-12T06:24:58.643", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-08-31T21:55:02.480", "references": [{"source": "cve@mitre.org", "url": "http://www.exploit-db.com/exploits/18121"}, {"source": "cve@mitre.org", "url": "http://www.freewebshop.org/forum/index.php?topic=5235.0"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/77162"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}