CVE-2006-1477

Name of the Vulnerable Software and Affected Versions PHP Live Helper version 1.8

Description The issue allows remote attackers to include and execute arbitrary PHP code. This is achieved via the abs path parameter in several PHP files, including "initiate.php", "waiting.php", "welcome.php", "admin/index.php", "javascript.php", "checkchat.php", and "blank.php".

Recommendations For PHP Live Helper version 1.8, consider restricting access to the abs path parameter in the affected PHP files until a patch is available. As a temporary workaround, disabling the execution of arbitrary PHP code in these files can help minimize the risk of exploitation.