CVE-2006-1008

EPSS 2.10% · P84 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-1008

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in N8cms 1.1 and 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) dir and (2) page_id parameter to (a) index.php and (3) userid parameter to (b) mailto.php. NOTE: it is possible that issues 1 and 2 are resultant from SQL injection.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

N8CMS多个跨站脚本攻击漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

在N8cms 1.1和1.2 中存在多个跨站脚本攻击(XSS)漏洞，会使远程攻击者通过(1) dir和(2)位于(a) index.php中的page_id参数和(3)位于(b) mailto.php中的userid参数，注入任意Web脚本或HTML。注：问题1和2可能起因于SQL注入。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2006-1008

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2006-1008

Please Login to view more intelligence information

http://biyosecurity.be/bugs/n8cms.txtx_refsource_MISC
http://securityreason.com/securityalert/562third-party-advisoryx_refsource_SREASON
http://secunia.com/advisories/19068third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/16858vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2006/0779vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/25126vdb-entryx_refsource_XF
https://exchange.xforce.ibmcloud.com/vulnerabilities/24975vdb-entryx_refsource_XF
http://www.securityfocus.com/archive/1/427222/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2006-1008

Same Patch Batch · n/a · 2006-03-06 · 18 CVEs total

CVE-2006-1007		N8CMS 'index.php '多个输入验证漏洞
CVE-2006-0815		NetworkActiv Web Server脚本源码泄露漏洞
CVE-2006-0458		Ubuntu Linux IRSSI DCC ACCEPT拒绝服务漏洞
CVE-2006-1012		WordPress User-Agent SQL注入漏洞
CVE-2006-1011		LetterMerger Access本地信息泄露漏洞
CVE-2006-1010		CrossFire 'socket/request.c'缓冲区溢出漏洞
CVE-2006-0949		RaidenHTTPD远程脚本泄露漏洞
CVE-2006-0814		Lighttpd远程脚本源码泄露漏洞
CVE-2006-1009		M4 Project enigma-suite 帐户缺省口令漏洞
CVE-2006-0387		Apple MacOS X BOMArchiveHelper目录遍历漏洞
CVE-2006-1006		Sendcard ‘sendcard.php’ 多个SQL注入漏洞
CVE-2006-1005		Parodia 'agencyprofile.asp'远程攻击引发SQL错误漏洞
CVE-2006-1004		Cactusoft Parodia ‘Agencyprofile.ASP’跨站脚本攻击漏洞
CVE-2006-1003		Netgear WGT624 Wireless Firewall Router Information Disclosure Vulnerability
CVE-2006-1002		Netgear WGT624无线访问点缺省后门账户漏洞
CVE-2006-1001		Lansuite Board ModuleSQL注入漏洞
CVE-2006-1000		Pentacle In-Out Board 多个SQL注入漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2006-1008

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2006-1008

I. Basic Information for CVE-2006-1008

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2006-1008

III. Intelligence Information for CVE-2006-1008

Same Patch Batch · n/a · 2006-03-06 · 18 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2006-1008

Leave a comment