Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

PHP Live! < 2.8.2 Remote Configuration File Include

High

Synopsis

The remote host is vulnerable to a script injection attack.

Description

The remote host is running PHP Live!, a live support system for web sites. The remote version of this software contains an unspecified flaw that may allow an attacker to include a configuration file hosted on a third party server. An attacker may exploit this flaw to execute arbitrary PHP code on the remote host.

Solution

Upgrade to version 2.8.2 or higher.