Intrusion Prevention

PAJAX.Arbitrary.PHP.Code.Execution

Description

This is an attack attempt against a vulnerability in PAJAX.
This issue is triggered when PHP code is included in the 'method' and 'args' variables, which may lead to a loss of integrity. An attacker may exploit this to gain access to unauthorized privileges.

Affected Products

PAJAX PAJAX 0.5.1

Impact

Attackers can execute arbitrary PHP code to gain unauthorized access.

Recommended Actions

Upgrade to version 0.5.2 or higher, as it has been reported to fix this vulnerability.

CVE References

CVE-2006-1551

Other References

1