CVE-2010-4558

phpMyFAQ 2.6.11 and 2.6.12, as distributed between December 4th and December 15th 2010, contains an externally introduced modification (Trojan Horse) in the getTopTen method in inc/Faq.php, which allows remote attackers to execute arbitrary PHP code.

Published: Dec 17, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-4558
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-94

Affected Software
References

Software	From	Fixed in
phpmyfaq / phpmyfaq	2.6.11	2.6.11.x
phpmyfaq / phpmyfaq	2.6.12	2.6.12.x

http://secunia.com/advisories/42622
http://www.phpmyfaq.de/advisory_2010-12-15.php
http://www.securityfocus.com/bid/45442
http://www.vupen.com/english/advisories/2010/3254

Vulnerability Database

290,300

CVE-2010-4558