Lucene search
K

159 matches found

securityvulns
securityvulns
added 2008/08/18 12:0 a.m.95 views

PHP Live Helper <= 2.0.1 Multiple Vulnerabilities

GulfTech Security Research August 16, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : PHP Live Helper = 2.0.1 Risk : Multiple Vulnerabilities Description: PHP Live Helper is an online support system written in php that allows the visitors of a website to intera...

1.7AI score
Exploits0
NVD
NVD
added 2008/02/19 8:44 p.m.17 views

CVE-2008-0821

SQL injection vulnerability in admin/traffic/knowledgesearchm.php in OSI Codes Inc. PHP Live! 3.2.2 allows remote attackers to execute arbitrary SQL commands via the questid parameter in an expandquestion action...

7.5CVSS8.4AI score0.00939EPSS
Exploits1References2
Prion
Prion
added 2008/02/19 8:44 p.m.14 views

Sql injection

SQL injection vulnerability in admin/traffic/knowledgesearchm.php in OSI Codes Inc. PHP Live! 3.2.2 allows remote attackers to execute arbitrary SQL commands via the questid parameter in an expandquestion action...

7.5CVSS9.2AI score0.00939EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2008/02/19 8:0 p.m.42 views

CVE-2008-0821

CVE-2008-0821 affects OSI Codes Inc. PHP Live! 3.2.2. The vulnerability is a SQL injection in admin/traffic/knowledge_searchm.php via the questid parameter in an expand_question action, allowing remote attackers to execute arbitrary SQL commands. CVSS v2 base score 7.5 (HIGH) with network attack ...

7.5CVSS8.4AI score0.00939EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2008/02/19 8:0 p.m.19 views

CVE-2008-0821

SQL injection vulnerability in admin/traffic/knowledgesearchm.php in OSI Codes Inc. PHP Live! 3.2.2 allows remote attackers to execute arbitrary SQL commands via the questid parameter in an expandquestion action...

8.4AI score0.00939EPSS
Exploits1References2
seebug.org
seebug.org
added 2008/02/16 12:0 a.m.40 views

PHP Live! <= 3.2.2 (questid) Remote SQL Injection Vulnerability

No description provided by source. !Info! PHP Live! 漏 OSI Codes Inc. enables live help and live customer support communication directly from your website. With PHP Live!, you can provide one-on-one chat assistance in real-time, answer visitor questions and add that extra human touch to your...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/02/14 12:0 a.m.42 views

PHP Live! 3.2.2 - 'questid' SQL Injection (1)

!Info! PHP Live! © OSI Codes Inc. enables live help and live customer support communication directly from your website. With PHP Live!, you can provide one-on-one chat assistance in real-time, answer visitor questions and add that extra human touch to your website. !SQL Injection! Code:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/02/14 12:0 a.m.40 views

PHP Live! 3.2.2 - questid SQL Injection (1)

PHP Live! 3.2.2 - questid SQL Injection 1 !Info! PHP Live! © OSI Codes Inc. enables live help and live customer support communication directly from your website. With PHP Live!, you can provide one-on-one chat assistance in real-time, answer visitor questions and add that extra human touch to yo...

0.6AI score
Exploits0
0day.today
0day.today
added 2008/02/14 12:0 a.m.21 views

PHP Live! <= 3.2.2 (questid) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications =============================================================== PHP Live! = 3.2.2 questid Remote SQL Injection Vulnerability =============================================================== !Info! PHP Live! © OSI Codes Inc. enables live he...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2007/10/25 12:0 a.m.32 views

phplive-rfi.txt

Aria-Security Team http://Aria-Security.Net Persian Security Network Source Code: Affected file: Index.php Poc: /index.php?DOCUMENT...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/10/24 12:0 a.m.62 views

OSI CODES - PHP Live! Remote File Inclusion

Aria-Security Team http://Aria-Security.Net Persian Security Network Source Code: ? / COPYRIGHT OSI CODES - PHP Live! / sessionstart ; $l = "" ; // try to get cookie value first if isset $HTTPCOOKIEVARS'COOKIEPHPLIVESITE' $l = $HTTPCOOKIEVARS'COOKIEPHPLIVESITE' ; if isset $HTTPGETVARS'l' $l =...

0.6AI score
Exploits0
CVE
CVE
added 2007/06/14 10:0 p.m.47 views

CVE-2007-3218

CVE-2007-3218 is a cross-site scripting (XSS) vulnerability in PHP Live! before or at version 3.2.2, affecting the request.php component. The issue allows remote attackers to inject arbitrary web script or HTML via the pagex parameter. NVD lists a CVSS v2 base score of 4.3 (Medium) with high conf...

4.3CVSS5.8AI score0.01033EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2007/06/14 10:0 p.m.15 views

CVE-2007-3218

Cross-site scripting XSS vulnerability in request.php in PHP Live! 3.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the pagex parameter...

5.8AI score0.01033EPSS
Exploits0References4
securityvulns
securityvulns
added 2007/06/12 12:0 a.m.59 views

PHP Live! Support XSS vuln.

PHP Live! Support XSS vuln. Vuln. discovered by : r0t Date: 12 June 2007 vendor:http://www.phplivesupport.com/ affected versions: 3.2.2 and prior orginal advisory: http://pridels-team.blogspot.com/2007/06/php-live-support-xss-vuln.html PHP Live! contains a flaw that allows a remote Cross-Site...

0.4AI score
Exploits0
Prion
Prion
added 2007/06/06 1:30 a.m.17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in PHP Live! 3.2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 sid parameter to a chat.php, 2 LANGDEFAULTBRANDING and 3 PHPLIVEVERSION parameters to b help.php, the 4 adminname parameter to c admin/header.php, and the 5...

4.3CVSS6AI score0.04963EPSS
Exploits5References16Affected Software1
NVD
NVD
added 2007/06/06 1:30 a.m.23 views

CVE-2007-3060

Multiple cross-site scripting XSS vulnerabilities in PHP Live! 3.2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 sid parameter to a chat.php, 2 LANGDEFAULTBRANDING and 3 PHPLIVEVERSION parameters to b help.php, the 4 adminname parameter to c admin/header.php, and the 5...

4.3CVSS5.7AI score0.04963EPSS
Exploits1References16
Cvelist
Cvelist
added 2007/06/06 1:0 a.m.26 views

CVE-2007-3060

Multiple cross-site scripting XSS vulnerabilities in PHP Live! 3.2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 sid parameter to a chat.php, 2 LANGDEFAULTBRANDING and 3 PHPLIVEVERSION parameters to b help.php, the 4 adminname parameter to c admin/header.php, and the 5...

5.7AI score0.04963EPSS
Exploits1References16
CVE
CVE
added 2007/06/06 1:0 a.m.49 views

CVE-2007-3060

PHP Live! 3.2.2 (and earlier) is affected by multiple cross-site scripting (XSS) vulnerabilities. The CVE-2007-3060 entry and related records describe XSS vectors that allow an attacker to inject arbitrary script or HTML via parameters such as sid in chat.php, LANG[DEFAULT_BRANDING], PHPLIVE_VERS...

4.3CVSS5.8AI score0.04963EPSS
Exploits1References16Affected Software1
Exploit DB
Exploit DB
added 2007/06/01 12:0 a.m.16 views

PHPLive! 3.2.2 - &#039;/admin/header.php?admin[name]&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/24276/info PHP Live! is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/06/01 12:0 a.m.29 views

PHPLive! 3.2.2 - &#039;chat.php?sid&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/24276/info PHP Live! is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score
Exploits0
Rows per page
Query Builder