Vulnerability Description
phpMyFAQ 2.6.11 and 2.6.12, as distributed between December 4th and December 15th 2010, contains an externally introduced modification (Trojan Horse) in the getTopTen method in inc/Faq.php, which allows remote attackers to execute arbitrary PHP code.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Phpmyfaq | Phpmyfaq | 2.6.11 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/42622Vendor Advisory
- http://www.phpmyfaq.de/advisory_2010-12-15.phpVendor Advisory
- http://www.securityfocus.com/bid/45442Patch
- http://www.vupen.com/english/advisories/2010/3254Vendor Advisory
- http://secunia.com/advisories/42622Vendor Advisory
- http://www.phpmyfaq.de/advisory_2010-12-15.phpVendor Advisory
- http://www.securityfocus.com/bid/45442Patch
- http://www.vupen.com/english/advisories/2010/3254Vendor Advisory
FAQ
What is CVE-2010-4558?
CVE-2010-4558 is a vulnerability with a CVSS score of 7.5 (HIGH). phpMyFAQ 2.6.11 and 2.6.12, as distributed between December 4th and December 15th 2010, contains an externally introduced modification (Trojan Horse) in the getTopTen method in inc/Faq.php, which allo...
How severe is CVE-2010-4558?
CVE-2010-4558 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-4558?
Check the references section above for vendor advisories and patch information. Affected products include: Phpmyfaq Phpmyfaq.