CVE-2010-4558
 
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
phpMyFAQ 2.6.11 and 2.6.12, as distributed between December 4th and December 15th 2010, contains an externally introduced modification (Trojan Horse) in the getTopTen method in inc/Faq.php, which allows remote attackers to execute arbitrary PHP code.
phpMyFAQ v2.6.11 y v2.6.12, como los distribuidos entre el 4 y el 15 de diciembre de 2010, contiene una modificación introducida externamente (Troyano) en el método getTopTen en inc/faq.php, que permite a atacantes remotos ejecutar código PHP de su elección.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-12-17 CVE Reserved
- 2010-12-17 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-94: Improper Control of Generation of Code ('Code Injection')
CAPEC
References (4)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.securityfocus.com/bid/45442 | 2010-12-20 |
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/42622 | 2010-12-20 | |
http://www.phpmyfaq.de/advisory_2010-12-15.php | 2010-12-20 | |
http://www.vupen.com/english/advisories/2010/3254 | 2010-12-20 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Phpmyfaq Search vendor "Phpmyfaq" | Phpmyfaq Search vendor "Phpmyfaq" for product "Phpmyfaq" | 2.6.11 Search vendor "Phpmyfaq" for product "Phpmyfaq" and version "2.6.11" | - |
Affected
| ||||||
Phpmyfaq Search vendor "Phpmyfaq" | Phpmyfaq Search vendor "Phpmyfaq" for product "Phpmyfaq" | 2.6.12 Search vendor "Phpmyfaq" for product "Phpmyfaq" and version "2.6.12" | - |
Affected
|