Description

phpMyFAQ 2.6.11 and 2.6.12, as distributed between December 4th and December 15th 2010, contains an externally introduced modification (Trojan Horse) in the getTopTen method in inc/Faq.php, which allows remote attackers to execute arbitrary PHP code.

Remediation

References

CVE-2010-4558

Related Vulnerabilities

MediaWiki Other Vulnerability (CVE-2005-1888)

WordPress Plugin Postie 'From' Field Cross-Site Scripting (1.4.3)

WordPress Plugin Jigoshop-Store Toolkit Privilege Escalation (1.3.7)

Seo Panel Observable Discrepancy Vulnerability (CVE-2024-22647)

Internet Information Services Other Vulnerability (CVE-2000-0408)

Severity

High

Classification

CVE-2010-4558 CWE-94

Tags

Missing Update Known Vulnerabilities