Vulnerabilities > CVE-2006-2394 - Cross-Site Scripting vulnerability in Turnkey web Tools PHP Live Helper 1.8
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in chat.php in PHP Live Helper allows remote attackers to inject arbitrary web script or HTML via the PHPSESSID parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | PHP Live Helper 2.0 Chat.PHP Cross-Site Scripting Vulnerability. CVE-2006-2394. Webapps exploit for php platform |
| id | EDB-ID:27860 |
| last seen | 2016-02-03 |
| modified | 2006-05-12 |
| published | 2006-05-12 |
| reporter | Mr-X |
| source | https://www.exploit-db.com/download/27860/ |
| title | PHP Live Helper 2.0 Chat.PHP Cross-Site Scripting Vulnerability |