Description
phpMyFAQ 2.6.11 and 2.6.12, as distributed between December 4th and December 15th 2010, contains an externally introduced modification (Trojan Horse) in the getTopTen method in inc/Faq.php, which allows remote attackers to execute arbitrary PHP code.
Remediation
References
Related Vulnerabilities
Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-7912)
Python CVE-2023-6507 Vulnerability (CVE-2023-6507)
WordPress Plugin Duo Two-Factor Authentication Security Bypass (1.8.1)
WordPress Plugin WordPress File Upload Multiple Unspecified Vulnerabilities (3.10.0)
MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-31554)