Description

phpMyFAQ 2.6.11 and 2.6.12, as distributed between December 4th and December 15th 2010, contains an externally introduced modification (Trojan Horse) in the getTopTen method in inc/Faq.php, which allows remote attackers to execute arbitrary PHP code.

Remediation

References

CVE-2010-4558

Related Vulnerabilities

WordPress Plugin Free WordPress To Display Like/Dislike Comment Rating-Everest Comment Rating Lite includes Backdoor [Only if downloaded via the vendor website] (2.0.4)

Oracle Database Server Incorrect Calculation of Buffer Size Vulnerability (CVE-2004-1363)

Liferay Portal Inefficient Regular Expression Complexity Vulnerability (CVE-2023-33950)

WordPress Plugin Ads Pro-Multi-Purpose WordPress Advertising Manager Multiple Vulnerabilities (3.4)

WordPress Plugin AdRotate-Ad manager & AdSense Ads SQL Injection (5.2)

Severity

High

Classification

CVE-2010-4558 CWE-94

Tags

Missing Update Known Vulnerabilities