The popular live support tool phpLiveHelper is vulnerable to remote code execution due to an error in the way the tool processes URL parameters. By using a known URL parameter an intruder could cause their code of choice to be included into phpLiveHelper in realtime where that code would then run on the operator's system. An exploit could possibly open a port on a vulnerable system that would allow intruders to interact with the compromised system in variety of ways. No response from the vendor is known at this time