Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3764

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-3764
Last Modified 29 Jan 2009 01:54:21
Published 21 Aug 2008 01:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3764

Summary

Eval injection vulnerability in globalsoff.php in Turnkey PHP Live Helper 2.0.1 and earlier allows remote attackers to execute arbitrary PHP code via the test parameter, and probably arbitrary parameters, to chat.php.

Vulnerable Systems

Application

  • Turnkeywebtools Php Live Helper 2.0

  • Turnkeywebtools Php Live Helper 2.0.1


References

XF - phplivehelper-chat-code-execution(44571)

BID - 30729

BUGTRAQ - 20080816 PHP Live Helper <= 2.0.1 Multiple Vulnerabilities

MILW0RM - 6261

MISC - http://www.gulftech.org/?node=research&article_id=00124-08162008

SREASON - 4178

SECUNIA - 31521

MISC - http://demos.turnkeywebtools.com/phplivehelper/docs/change_log.txt


Last Updated: 27 May 2016 10:48:18