12 matches found
EUVD-2008-3748
Malware in sbrugna...
EUVD-2008-3750
Malware in sbrugna...
CVE-2008-3763
Variable overwrite vulnerability in libsecure.php in Turnkey PHP Live Helper 2.0.1 and earlier, when registerglobals is enabled, allows remote attackers to overwrite arbitrary variables related to the db config file. NOTE: this can be leveraged for code injection by overwriting the language file...
Sql injection
Eval injection vulnerability in globalsoff.php in Turnkey PHP Live Helper 2.0.1 and earlier allows remote attackers to execute arbitrary PHP code via the test parameter, and probably arbitrary parameters, to chat.php...
Code injection
Variable overwrite vulnerability in libsecure.php in Turnkey PHP Live Helper 2.0.1 and earlier, when registerglobals is enabled, allows remote attackers to overwrite arbitrary variables related to the db config file. NOTE: this can be leveraged for code injection by overwriting the language file...
CVE-2008-3764
Eval injection vulnerability in globalsoff.php in Turnkey PHP Live Helper 2.0.1 and earlier allows remote attackers to execute arbitrary PHP code via the test parameter, and probably arbitrary parameters, to chat.php...
Sql injection
SQL injection vulnerability in onlinestatushtml.php in Turnkey PHP Live Helper 2.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the dep parameter, related to lack of input sanitization in the get function in global.php...
CVE-2008-3763
CVE-2008-3763 describes a variable overwrite vulnerability in libsecure.php of Turnkey PHP Live Helper 2.0.1 and earlier. When register_globals is enabled, remote attackers can overwrite arbitrary variables related to the db config file, potentially enabling code injection by overwriting the lang...
CVE-2008-3764
CVE-2008-3764 describes an eval injection in Turnkey PHP Live Helper (PHP Live Helper) 2.0.1 and earlier. The vulnerability resides in globalsoff.php and allows remote attackers to execute arbitrary PHP code via the test parameter (and likely other parameters) passed to chat.php. This is a remote...
CVE-2008-3763
Variable overwrite vulnerability in libsecure.php in Turnkey PHP Live Helper 2.0.1 and earlier, when registerglobals is enabled, allows remote attackers to overwrite arbitrary variables related to the db config file. NOTE: this can be leveraged for code injection by overwriting the language file...
CVE-2008-3762
CVE-2008-3762 is a SQL injection in Turnkey PHP Live Helper 2.0.1 and earlier. The vulnerability arises from lack of input sanitization in the get function (global.php), allowing remote attackers to execute arbitrary SQL via the dep parameter in onlinestatus_html.php. Connected sources confirm th...
CVE-2008-3762
SQL injection vulnerability in onlinestatushtml.php in Turnkey PHP Live Helper 2.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the dep parameter, related to lack of input sanitization in the get function in global.php...