cpe:/a:turnkeywebtools:php_live_helper:2.0 cpe:/a:turnkeywebtools:php_live_helper:2.0:beta_1 cpe:/a:turnkeywebtools:php_live_helper:2.0:beta_2 cpe:/a:turnkeywebtools:php_live_helper:2.0:beta_3 cpe:/a:turnkeywebtools:php_live_helper:2.0:beta_4 cpe:/a:turnkeywebtools:php_live_helper:2.0:beta_5 cpe:/a:turnkeywebtools:php_live_helper:2.0:beta_6 cpe:/a:turnkeywebtools:php_live_helper:2.0.1 CVE-2008-3763 2008-08-21T13:41:00.000-04:00 2017-09-28T21:31:49.990-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-08-21T14:37:00.000-04:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20080816 PHP Live Helper <= 2.0.1 Multiple Vulnerabilities BID 30729 SECUNIA 31521 SREASON 4178 EXPLOIT-DB 6261 MISC http://demos.turnkeywebtools.com/phplivehelper/docs/change_log.txt MISC http://www.gulftech.org/?node=research&article_id=00124-08162008 XF phplivehelper-libsecure-code-execution(44570) Variable overwrite vulnerability in libsecure.php in Turnkey PHP Live Helper 2.0.1 and earlier, when register_globals is enabled, allows remote attackers to overwrite arbitrary variables related to the db config file. NOTE: this can be leveraged for code injection by overwriting the language file.