Eval injection vulnerability in globalsoff.php in Turnkey PHP Live Helper 2.0.1 and earlier allows remote attackers to execute arbitrary PHP code via the test parameter, and probably arbitrary parameters, to chat.php.
demos.turnkeywebtools.com/phplivehelper/docs/change_log.txt
secunia.com/advisories/31521
securityreason.com/securityalert/4178
www.gulftech.org/?node=research&article_id=00124-08162008
www.securityfocus.com/archive/1/495542/100/0/threaded
www.securityfocus.com/bid/30729
exchange.xforce.ibmcloud.com/vulnerabilities/44571
www.exploit-db.com/exploits/6261