PHP remote file inclusion vulnerability in index.php in FreeFAQ 1.0.e allows remote malicious users to execute arbitrary PHP code via a URL in the faqpath parameter.
source: wwwsecurityfocuscom/bid/20621/info
Free Faq is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input
A successful exploit of this issue allows an attacker to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process This may fa ...