Описание
Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools PHP Live Helper 1.8 allow remote attackers to include and execute arbitrary PHP code via the abs_path parameter in (1) initiate.php, (2) waiting.php, (3) welcome.php, (4) admin/index.php, (5) javascript.php, (6) checkchat.php, and (7) blank.php.
Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools PHP Live Helper 1.8 allow remote attackers to include and execute arbitrary PHP code via the abs_path parameter in (1) initiate.php, (2) waiting.php, (3) welcome.php, (4) admin/index.php, (5) javascript.php, (6) checkchat.php, and (7) blank.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-1477
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25489
- http://secunia.com/advisories/19428
- http://www.osvdb.org/24193
- http://www.osvdb.org/24194
- http://www.osvdb.org/24195
- http://www.osvdb.org/24196
- http://www.osvdb.org/24197
- http://www.osvdb.org/24198
- http://www.osvdb.org/24199
- http://www.securityfocus.com/archive/1/428976/100/0/threaded
- http://www.securityfocus.com/archive/1/437648/100/0/threaded
- http://www.securityfocus.com/archive/1/437741/100/0/threaded
- http://www.securityfocus.com/bid/18509
- http://www.turnkeywebtools.com/forum/showthread.php?p=10415
- http://www.vupen.com/english/advisories/2006/1137
- http://www.worlddefacers.de/Public/WD-TMPLH.txt
EPSS
CVE ID
Связанные уязвимости
Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools PHP Live Helper 1.8 allow remote attackers to include and execute arbitrary PHP code via the abs_path parameter in (1) initiate.php, (2) waiting.php, (3) welcome.php, (4) admin/index.php, (5) javascript.php, (6) checkchat.php, and (7) blank.php.
EPSS