[Full-disclosure] PAJAX Remote Code Injection and File Inclusion Vulnerability
Advisory: PAJAX Remote Code Injection and File Inclusion Vulnerability RedTeam has identified two security flaws in PAJAX. It is possible to execute arbitrary PHP code from unchecked user input. Additionally, it is possible to include arbitrary files on the server ending in ".class.php". Details...