Remote code execution vulnerability in phpMyFAQ 1.6.x
- Issued on:
- phpMyFAQ <= 1.6.9
The phpMyFAQ Team has learned about a vulnerability in the code that could be exploited in phpMyFAQ 1.6.x.
Through the vulnerability it is possible to gain the privilege to upload files to the server when register_globals is enabled. No public exploit is currently available, but some users have already reported to us that they were hacked and that the r57shell script had been installed on their systems.
The phpMyFAQ Team has released the new phpMyFAQ version 1.6.10 which fixes the vulnerability. All users of the affected phpMyFAQ versions are encouraged to upgrade as soon as possible to this latest version.
If possible, set register_globals to off in your php.ini configuration.
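The following listing is an added illustration and is not phpMyFAQ's code. It shows the vulnerability class the advisory describes: a permission flag that is set only for privileged users and never initialised, so with register_globals = On the attacker supplies it in the request. The file name upload.php, the variable $may_upload, the session layout and the attachment directory are assumptions made for the example.

```php
<?php
// Added illustration, not phpMyFAQ code. upload.php, $may_upload, the
// $_SESSION layout and /srv/faq-attachments are hypothetical.

// ---- Vulnerable pattern (register_globals = On) ----------------------
//
//     session_start();
//     if (isset($_SESSION['user']) && $_SESSION['user']['is_admin']) {
//         $may_upload = true;
//     }
//     if ($may_upload) {                 // never initialised for guests
//         move_uploaded_file($_FILES['f']['tmp_name'], 'attachments/' . $_FILES['f']['name']);
//     }
//
// With register_globals = On, PHP creates $may_upload from the request
// before the first statement runs, so an anonymous visitor sending
//     POST /upload.php?may_upload=1
// reaches move_uploaded_file(): the "privilege for uploading files" the
// advisory mentions, and enough to drop a PHP shell such as r57shell into
// a web-accessible directory.

// ---- Hardened version of the same handler ----------------------------

// 1. Refuse to run while register_globals is enabled. ini_get() returns
//    "1" when the directive is on and "" (or false, once PHP 5.4 removed
//    the directive altogether) otherwise.
if (ini_get('register_globals')) {
    header('HTTP/1.1 500 Internal Server Error');
    exit('register_globals is enabled; disable it in php.ini');
}

// 2. Initialise every security-relevant variable before any branch can
//    read it, so nothing supplied in the request can stand in for it.
$may_upload = false;

session_start();
if (isset($_SESSION['user']['is_admin']) && $_SESSION['user']['is_admin'] === true) {
    $may_upload = true;
}

// 3. Compare strictly and fail closed.
if ($may_upload !== true) {
    header('HTTP/1.1 403 Forbidden');
    exit('Not authorised to upload');
}

// 4. Only now touch the upload. The saved name is chosen by the server
//    (no user-controlled extension) and the directory is assumed to sit
//    outside the document root with PHP execution disabled.
if (!isset($_FILES['f']) || $_FILES['f']['error'] !== UPLOAD_ERR_OK) {
    header('HTTP/1.1 400 Bad Request');
    exit('No file uploaded');
}
$dir    = '/srv/faq-attachments';                       // assumed path
$target = $dir . '/' . md5(uniqid(mt_rand(), true));    // server-chosen name

if (!move_uploaded_file($_FILES['f']['tmp_name'], $target)) {
    header('HTTP/1.1 500 Internal Server Error');
    exit('Could not store file');
}
echo 'Stored';
```

To confirm the live setting on a server, run `php -i | grep register_globals` against the same PHP binary the web server uses, or check a phpinfo() page. Where php.ini cannot be edited, Apache with mod_php accepts `php_flag register_globals off` in a .htaccess file. register_globals was deprecated in PHP 5.3 and removed in PHP 5.4, so on current PHP versions the directive no longer exists and the first check above simply passes.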
The phpMyFAQ Team would like to thank François Maillet and Enrico Fischer (Powerserver-Germany webHosting & DomainServices) for reporting the vulnerability, and Johannes Schlüter for discovering and fixing the issue.