Directory traversal vulnerability in phpMyFAQ 1.3.12 allows remote attackers to read arbitrary files, and possibly execute local PHP files, via the action variable, which is used as part of a template filename.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Phpmyfaq | Phpmyfaq | 1.3.12 (including) | 1.3.12 (including) |