159 matches found
PHP Live Helper <= 2.0.1 Multiple Vulnerabilities
GulfTech Security Research August 16, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : PHP Live Helper = 2.0.1 Risk : Multiple Vulnerabilities Description: PHP Live Helper is an online support system written in php that allows the visitors of a website to intera...
CVE-2008-0821
SQL injection vulnerability in admin/traffic/knowledgesearchm.php in OSI Codes Inc. PHP Live! 3.2.2 allows remote attackers to execute arbitrary SQL commands via the questid parameter in an expandquestion action...
Sql injection
SQL injection vulnerability in admin/traffic/knowledgesearchm.php in OSI Codes Inc. PHP Live! 3.2.2 allows remote attackers to execute arbitrary SQL commands via the questid parameter in an expandquestion action...
CVE-2008-0821
CVE-2008-0821 affects OSI Codes Inc. PHP Live! 3.2.2. The vulnerability is a SQL injection in admin/traffic/knowledge_searchm.php via the questid parameter in an expand_question action, allowing remote attackers to execute arbitrary SQL commands. CVSS v2 base score 7.5 (HIGH) with network attack ...
CVE-2008-0821
SQL injection vulnerability in admin/traffic/knowledgesearchm.php in OSI Codes Inc. PHP Live! 3.2.2 allows remote attackers to execute arbitrary SQL commands via the questid parameter in an expandquestion action...
PHP Live! <= 3.2.2 (questid) Remote SQL Injection Vulnerability
No description provided by source. !Info! PHP Live! 漏 OSI Codes Inc. enables live help and live customer support communication directly from your website. With PHP Live!, you can provide one-on-one chat assistance in real-time, answer visitor questions and add that extra human touch to your...
PHP Live! 3.2.2 - 'questid' SQL Injection (1)
!Info! PHP Live! © OSI Codes Inc. enables live help and live customer support communication directly from your website. With PHP Live!, you can provide one-on-one chat assistance in real-time, answer visitor questions and add that extra human touch to your website. !SQL Injection! Code:...
PHP Live! 3.2.2 - questid SQL Injection (1)
PHP Live! 3.2.2 - questid SQL Injection 1 !Info! PHP Live! © OSI Codes Inc. enables live help and live customer support communication directly from your website. With PHP Live!, you can provide one-on-one chat assistance in real-time, answer visitor questions and add that extra human touch to yo...
PHP Live! <= 3.2.2 (questid) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications =============================================================== PHP Live! = 3.2.2 questid Remote SQL Injection Vulnerability =============================================================== !Info! PHP Live! © OSI Codes Inc. enables live he...
phplive-rfi.txt
Aria-Security Team http://Aria-Security.Net Persian Security Network Source Code: Affected file: Index.php Poc: /index.php?DOCUMENT...
OSI CODES - PHP Live! Remote File Inclusion
Aria-Security Team http://Aria-Security.Net Persian Security Network Source Code: ? / COPYRIGHT OSI CODES - PHP Live! / sessionstart ; $l = "" ; // try to get cookie value first if isset $HTTPCOOKIEVARS'COOKIEPHPLIVESITE' $l = $HTTPCOOKIEVARS'COOKIEPHPLIVESITE' ; if isset $HTTPGETVARS'l' $l =...
CVE-2007-3218
CVE-2007-3218 is a cross-site scripting (XSS) vulnerability in PHP Live! before or at version 3.2.2, affecting the request.php component. The issue allows remote attackers to inject arbitrary web script or HTML via the pagex parameter. NVD lists a CVSS v2 base score of 4.3 (Medium) with high conf...
CVE-2007-3218
Cross-site scripting XSS vulnerability in request.php in PHP Live! 3.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the pagex parameter...
PHP Live! Support XSS vuln.
PHP Live! Support XSS vuln. Vuln. discovered by : r0t Date: 12 June 2007 vendor:http://www.phplivesupport.com/ affected versions: 3.2.2 and prior orginal advisory: http://pridels-team.blogspot.com/2007/06/php-live-support-xss-vuln.html PHP Live! contains a flaw that allows a remote Cross-Site...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in PHP Live! 3.2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 sid parameter to a chat.php, 2 LANGDEFAULTBRANDING and 3 PHPLIVEVERSION parameters to b help.php, the 4 adminname parameter to c admin/header.php, and the 5...
CVE-2007-3060
Multiple cross-site scripting XSS vulnerabilities in PHP Live! 3.2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 sid parameter to a chat.php, 2 LANGDEFAULTBRANDING and 3 PHPLIVEVERSION parameters to b help.php, the 4 adminname parameter to c admin/header.php, and the 5...
CVE-2007-3060
Multiple cross-site scripting XSS vulnerabilities in PHP Live! 3.2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 sid parameter to a chat.php, 2 LANGDEFAULTBRANDING and 3 PHPLIVEVERSION parameters to b help.php, the 4 adminname parameter to c admin/header.php, and the 5...
CVE-2007-3060
PHP Live! 3.2.2 (and earlier) is affected by multiple cross-site scripting (XSS) vulnerabilities. The CVE-2007-3060 entry and related records describe XSS vectors that allow an attacker to inject arbitrary script or HTML via parameters such as sid in chat.php, LANG[DEFAULT_BRANDING], PHPLIVE_VERS...
PHPLive! 3.2.2 - '/admin/header.php?admin[name]' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24276/info PHP Live! is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
PHPLive! 3.2.2 - 'chat.php?sid' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24276/info PHP Live! is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...