____________________ ___ ___ ________ \_ _____/\_ ___ \ / | \\_____ \ | __)_ / \ \// ~ \/ | \ | \\ \___\ Y / | \ /_______ / \______ /\___|_ /\_______ / \/ \/ \/ \/ .OR.ID ECHO_ADV_42$2006 --------------------------------------------------------------------------------------------------- [ECHO_ADV_42$2006] PHP Live Helper <= 2.0 (abs_path) Remote File Inclusion --------------------------------------------------------------------------------------------------- Author : Ahmad Maulana a.k.a Matdhule Date Found : July, 02nd 2006 Location : Indonesia, Jakarta web : http://advisories.echo.or.id/adv/adv42-matdhule-2006.txt Critical Lvl : Highly critical Impact : System access Where : From Remote --------------------------------------------------------------------------- Affected software description: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ PHP Live Helper Application : PHP Live Helper version : Latest version [2.0] URL : http://www.turnkeywebtools.com/phplivehelper --------------------------------------------------------------------------- Vulnerability: ~~~~~~~~~~~~~~~~ -----------------------global.php---------------------- ....