Vulnerability Details CVE-2008-3764
Eval injection vulnerability in globalsoff.php in Turnkey PHP Live Helper 2.0.1 and earlier allows remote attackers to execute arbitrary PHP code via the test parameter, and probably arbitrary parameters, to chat.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.081
EPSS Ranking 91.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://demos.turnkeywebtools.com/phplivehelper/docs/change_log.txt
- http://secunia.com/advisories/31521
- http://securityreason.com/securityalert/4178
- http://www.gulftech.org/?node=research&article_id=00124-08162008
- http://www.securityfocus.com/archive/1/495542/100/0/threaded
- http://www.securityfocus.com/bid/30729
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44571
- https://www.exploit-db.com/exploits/6261
- http://demos.turnkeywebtools.com/phplivehelper/docs/change_log.txt
- http://secunia.com/advisories/31521
- http://securityreason.com/securityalert/4178
- http://www.gulftech.org/?node=research&article_id=00124-08162008
- http://www.securityfocus.com/archive/1/495542/100/0/threaded
- http://www.securityfocus.com/bid/30729
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44571
- https://www.exploit-db.com/exploits/6261
Products affected by CVE-2008-3764
-
cpe:2.3:a:turnkeywebtools:php_live_helper:*
-
cpe:2.3:a:turnkeywebtools:php_live_helper:2.0