PHP Live! < 2.8.2 Remote Configuration File Include
High Nessus Network Monitor Plugin ID 2447
SynopsisThe remote host is vulnerable to a script injection attack.
DescriptionThe remote host is running PHP Live!, a live support system for web sites.
The remote version of this software contains an unspecified flaw that may allow an attacker to include a configuration file hosted on a third party server.
An attacker may exploit this flaw to execute arbitrary PHP code on the remote host.
SolutionUpgrade to version 2.8.2 or higher.