phpMyFAQ 2.9.9 Code Injection

phpMyFAQ version 2.9.9 suffers from an issue where an administrative account can execute arbitrary code on the server by modifying LANG_CONF[main.metaDescription].
Source: phpMyFAQ 2.9.9 Code Injection