FreeBSD : phpmyfaq -- arbitrary PHP code execution vulnerability (3b86583a-66a7-11e3-868f-0025905a4771)
High Nessus Plugin ID 71485
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionThe phpMyFAQ team reports :
Secunia noticed while analysing the advisory that authenticated users with 'Right to add attachments' are able to exploit an already publicly known issue in the bundled Ajax File Manager of phpMyFAQ version 2.8.3, which leads to arbitrary PHP code execution for authenticated users with the permission 'Right to add attachments'.
SolutionUpdate the affected package.