RSS   Vulnerabilities for 'Php help agent'   RSS

2008-07-30
 
CVE-2008-3385

CWE-22
 

 
Directory traversal vulnerability in include/head_chat.inc.php in php Help Agent 1.0 and 1.1 Full allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the content parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.

 

 >>> Vendor: Linuxwebshop 2 Products
Php user base
Php help agent


Copyright 2024, cxsecurity.com

 

Back to Top