CVE-2008-3763

CVE-2008-3763 describes a variable overwrite vulnerability in libsecure.php of Turnkey PHP Live Helper 2.0.1 and earlier. When register_globals is enabled, remote attackers can overwrite arbitrary variables related to the db config file, potentially enabling code injection by overwriting the lang...

EUVD-2008-3749

Variable overwrite vulnerability in libsecure.php in Turnkey PHP Live Helper 2.0.1 and earlier, when registerglobals is enabled, allows remote attackers to overwrite arbitrary variables related to the db config file. NOTE: this can be leveraged for code injection by overwriting the language file...

PHP Live Helper 2.0.1 - Multiple Vulnerabilities

GulfTech Security Research August 16, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : PHP Live Helper DBsite-queryfirst"SELECT FROM ". $this-dbprefix.$table." where ".$from."='$id'"; if isarray$result foreach $result as $key = $val $info$key = stripslashes$val;...

sunshop v4 >> RFI

vendor : turnkeywebtools.com by : s3rv3rhack3r [email protected] bugz: ++++++++++++++++++++ include/payment/payflowpro.php include $abspath."/include/payment/payflowpro/pfpro.class.php"; ++++++++++++++++++++ global.php requireonce $abspath."/libsecure.php"; ++++++++++++++++++++ libsecure.php inclu...