4 matches found
CVE-2006-4051
The CVE-2006-4051 entry describes a PHP remote file inclusion in Turnkey Web Tools PHP Live Helper (versions 2.0 and earlier) where the abs_path parameter is not properly sanitized, allowing an attacker to supply a URL and execute arbitrary PHP code on the affected server. Connected advisories an...
CVE-2006-1477
Turnkey Web Tools PHP Live Helper 1.8 is affected by multiple remote file inclusion vulnerabilities. The issue arises from improper handling of the abs_path parameter in scripts (initiate.php, waiting.php, welcome.php, admin/index.php, javascript.php, checkchat.php, blank.php), allowing an attack...
CVE-2006-1478
CVE-2006-1478 affects Turnkey Web Tools PHP Live Helper 1.8 (and possibly later versions). The vulnerability is a directory traversal in initiate.php and possibly other PHP scripts, allowing remote authenticated users to include and execute arbitrary local files. The attack relies on crafted ...
CVE-2006-2394
CVE-2006-2394 affects PHP Live Helper’s chat.php, where the PHPSESSID parameter enables cross-site scripting. The vulnerability allows remote attackers to inject arbitrary web script or HTML in the context of the affected site. Public references (including Exploit-DB) document a browser-executabl...