The phpMyFAQ Team has learned of a security issue that has been discovered in phpMyFAQ 2.6.
phpMyFAQ 2.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, e.g. by lang/language_uk.php and certain other files.
The phpMyFAQ Team has released a new phpMyFAQ version 2.6.18 which fixes these vulnerabilities. All users of affected phpMyFAQ versions are encouraged to upgrade as soon as possible to this latest version.
There's no workaround except installing phpMyFAQ 2.6.18.
Please check CVE-2011-3783 for further information.