The phpMyFAQ Team has learned of a security issue that has been discovered in phpMyFAQ 2.8.x.
phpMyFAQ 2.8.x allows logged in users without any proper permissions the usage of the bundled Image Manager.
The phpMyFAQ Team has released a new phpMyFAQ version 2.8.3 which fixes thie vulnerability. All users of affected phpMyFAQ versions are encouraged to upgrade as soon as possible to this latest version.
There's no workaround except installing phpMyFAQ 2.8.3.
Please check http://pastebin.com/tmYXh6XM for further information.