PHPMYFAQ 2.9.9 suffer a code injection vulnerability. A user with right to edit translation can inject php code into php files in folder lang.

Conditions to meet :

  1. User has right to edit translation
  2. Edit translations is active (folder lang is writable)

PHPMYFAQ 2.9.9 saves translations into files. The file then will be included when the application is set to the language.