CVE-2004-2255

Directory traversal vulnerability in phpMyFAQ 1.3.12 allows remote attackers to read arbitrary files, and possibly execute local PHP files, via the action variable, which is used as part of a template filename.

Date published : 2005-07-17

http://www.securityfocus.com/bid/10374

http://www.phpmyfaq.de/advisory_2004-05-18.php