Bugtraq mailing list archives

PHPLiveHelper 1.8 remote command execution (include) Xploit (perl)

From: stormhacker () hotmail com
Date: 27 Mar 2006 22:20:51 -0000

[W]orld [D]efacers Team
======================================
--------------------Summary----------------
eVuln ID: WD00
Vendor: phplivehelper
Vendor's Web Site: www.phplivehelper.com
Software: Live Customer Support Solution
Sowtware's Web Site:
http://www.turnkeywebtools.com/index.php/location/products/product/phplivehelper/
Versions: 1.8
Class: Remote
PoC/Exploit: Available
Solution: Not Available
Discovered by: rUnViRuS (worlddefacers.de)
-----------------Description---------------
abs_path File Include Vulnerability

--------------PoC/Exploit----------------------
http://www.worlddefacers.de/Public/WD-TMPLH.txt
--------------Solution---------------------
No Patch available.

--------------Credit-----------------------
Discovered by: rUnViRuS (worlddefacers.de)

-------------------------------------------

Current thread:

PHPLiveHelper 1.8 remote command execution (include) Xploit (perl) stormhacker (Mar 27)