Directory traversal vulnerability in phpMyFAQ 1.3.12 allows remote malicious users to read arbitrary files, and possibly execute local PHP files, via the action variable, which is used as part of a template filename.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpmyfaq phpmyfaq 1.3.12 |