PhpMyFAQ Backdoor Unauthorized Access Vulnerability Network Vulnerability

Summary

phpMyFAQ is prone to an unauthorized-access vulnerability due to a backdoor in certain versions of the application. Successful exploits allow remote attackers to execute arbitrary PHP code in the context of the affected application. phpMyFAQ 2.6.11 and 2.6.12 obtained between December 4, 1010, and December 15, 2010 are vulnerable.

Solution

Updates are available please see the references for more information.

References

http://www.phpmyfaq.de/
http://www.phpmyfaq.de/advisory_2010-12-15.php
https://www.securityfocus.com/bid/45442

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-4558

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Advanced Guestbook Index.PHP SQL Injection Vulnerability
A-A-S Application Access Server Multiple Vulnerabilities
ATutor < 1.5.1-pl1 Multiple Flaws
Apache Archiva Multiple Remote Command Execution Vulnerabilities
AdMentor Login Flaw

phpMyFAQ Backdoor Unauthorized Access Vulnerability

Take action and discover your vulnerabilities