CVE-2006-1478 Information
Description
Directory traversal vulnerability in (1) initiate.php and (2) possibly other PHP scripts in Turnkey Web Tools PHP Live Helper 1.8 and possibly later versions allows remote authenticated users to include and execute arbitrary local files via directory traversal sequences in the language cookie, as demonstrated by uploading PHP code in a gl_session cookie to users.php, which causes the code to be stored in error.log, which is then included by initiate.php.
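The include step described above can be closed by never passing the cookie value to include directly. The following is an added example, not PHP Live Helper's own code or the vendor's fix: the lang/ directory, the default language name and the function name are assumptions; only the language cookie name comes from the description.

```php
<?php
// Added example with hypothetical names; not PHP Live Helper's own code.
// Pattern it replaces (assumed): the language cookie concatenated into an
// include path without validation.

const LANG_DIR = __DIR__ . '/lang';   // assumed location of language files
const DEFAULT_LANG = 'english';       // assumed default language file name

/**
 * Map the untrusted cookie value to a language file inside LANG_DIR,
 * falling back to the default on any failed check.
 */
function resolve_language_file($cookieValue): string
{
    $default = LANG_DIR . '/' . DEFAULT_LANG . '.php';

    // 1. Type and syntax: a short token of letters, digits, "_" or "-".
    //    Rejects arrays, "../", "..\", absolute paths, NUL bytes, wrappers.
    if (!is_string($cookieValue)
        || !preg_match('/\A[A-Za-z0-9_-]{1,32}\z/', $cookieValue)) {
        return $default;
    }

    // 2. Allowlist: only names of files that actually ship in LANG_DIR.
    $allowed = array_map(
        fn(string $p): string => basename($p, '.php'),
        glob(LANG_DIR . '/*.php') ?: []
    );
    if (!in_array($cookieValue, $allowed, true)) {
        return $default;
    }

    // 3. Containment: after symlink resolution the file must still be
    //    under LANG_DIR.
    $base = realpath(LANG_DIR);
    $path = realpath(LANG_DIR . '/' . $cookieValue . '.php');
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return $default;
    }

    return $path;
}

require resolve_language_file($_COOKIE['language'] ?? null);
```

This covers only the file-inclusion half of the chain; cookie content written verbatim to error.log still needs to be encoded or dropped before logging.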
Reference
http://secunia.com/advisories/19428
http://securityreason.com/securityalert/641
http://www.securityfocus.com/archive/1/428976/100/0/threaded
http://www.turnkeywebtools.com/forum/showthread.php?p=10415
http://www.worlddefacers.de/Public/WD-TMPLH.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/25489