Arbitrary PHP Code Execution Vulnerability in phpMyFAQ 2.6.11 and 2.6.12

Arbitrary PHP Code Execution Vulnerability in phpMyFAQ 2.6.11 and 2.6.12

CVE-2010-4558 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

phpMyFAQ 2.6.11 and 2.6.12, as distributed between December 4th and December 15th 2010, contains an externally introduced modification (Trojan Horse) in the getTopTen method in inc/Faq.php, which allows remote attackers to execute arbitrary PHP code.

Learn more about our External Network Penetration Testing.