CVE-2008-3763

2008-08-21T17:41:00
ID CVE-2008-3763
Type cve
Reporter cve@mitre.org
Modified 2018-10-11T20:49:00

Description

Variable overwrite vulnerability in libsecure.php in Turnkey PHP Live Helper 2.0.1 and earlier, when register_globals is enabled, allows remote attackers to overwrite arbitrary variables related to the db config file. NOTE: this can be leveraged for code injection by overwriting the language file. Upgrade to Version 2.1.0 - http://www.turnkeywebtools.com/esupport/index.php?_m=news&_a=viewnews&newsid=62