phpMyFAQ 2.9.9 Code Injection
https://packetstormsecurity.com/files/145034/phpmyfaq2.9.9-exec.txt
https://packetstormsecurity.com/files/145034/phpmyfaq2.9.9-exec.txthttps://packetstormsecurity.com/files/145034/phpMyFAQ-2.9.9-Code-Injection.htmlFri, 17 Nov 2017 10:11:11 GMTphpMyFAQ version 2.9.9 suffers from an issue where an administrative account can execute arbitrary code on the server by modifying LANG_CONF[main.metaDescription].