icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

PHP Live! < 2.8.2 Remote Configuration File Include

High

Synopsis

The remote host is vulnerable to a script injection attack.

Description

The remote host is running PHP Live!, a live support system for web sites. The remote version of this software contains an unspecified flaw that may allow an attacker to include a configuration file hosted on a third party server. An attacker may exploit this flaw to execute arbitrary PHP code on the remote host.

Solution

Upgrade to version 2.8.2 or higher.