CVE-2008-0300
Public Exploits 1
ExploitDB · 1 EDB-5232 [webapps]
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-0300
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
mapFiler.php in Mapbender 2.4 to 2.4.4 allows remote attackers to execute arbitrary PHP code via PHP code sequences in the factor parameter, which are not properly handled when accessing a filename that contains those sequences.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Mapbender 'mapFiler.php' 代码注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Mapbender中的mapFiler.php存在代码注入漏洞。远程攻击者通过系数参数中的PHP代码序列来执行任意PHP代码。该序列在登陆包含该序列的文件名时并没经过合适的处理。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-0300
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-0300
请登录查看更多情报信息。
Vendor Advisories for CVE-2008-0300 (3)
Exploits & Public PoCs for CVE-2008-0300 (1)
Other References for CVE-2008-0300 (1)
- http://www.redteam-pentesting.de/advisories/rt-sa-2008-001.phpx_refsource_MISC
Same Patch Batch · n/a · 2008-03-11 · 22 CVEs total
| CVE-2008-0118 | Microsoft Office单元格标注解析内存破坏漏洞(MS08-014) | |
| CVE-2008-1284 | Horde Framework 主题文件包含漏洞 | |
| CVE-2008-1283 | silver-forge neptune_web_server 跨站脚本攻击漏洞 | |
| CVE-2004-2759 | Utilization Suite 和 Performance Suite 安全漏洞 | |
| CVE-2008-1288 | ibm rational_clearquest 信息泄露漏洞 | |
| CVE-2008-1287 | IBM Rational ClearQuest 配置错误漏洞 | |
| CVE-2008-1286 | sun java_web_console 访问权限绕过漏洞 | |
| CVE-2008-1285 | Sun Java Server Faces跨站脚本攻击漏洞 | |
| CVE-2008-0307 | SAP MaxDB vserver组件远程堆溢出漏洞 | |
| CVE-2008-0306 | SAP MaxDB sdbstarter环境变量本地权限提升漏洞 | |
| CVE-2008-0301 | Mapbender 'mod_gazetteer_edit.php' SQL注入漏洞 | |
| CVE-2006-4695 | Microsoft Office Web Components URL分析漏洞 | |
| CVE-2008-0117 | Microsoft Excel多个远程代码执行漏洞 | |
| CVE-2008-0116 | Microsoft Excel富文本值堆溢出漏洞 | |
| CVE-2008-0115 | Microsoft Excel公式解析远程代码执行漏洞 | |
| CVE-2008-0114 | Microsoft Excel多个远程代码执行漏洞 | |
| CVE-2008-0113 | Microsoft Office畸形绘图对象远程代码执行漏洞 | |
| CVE-2008-0112 | Microsoft Excel多个远程代码执行漏洞 | |
| CVE-2008-0111 | Microsoft Excel数据验证记录堆内存破坏漏洞 | |
| CVE-2008-0110 | Microsoft Outlook Mailto URI远程代码执行漏洞 |
Showing top 20 of 22 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-9421
KLiK SocialMediaWebsite File upload.inc.php uniqid unrestric - CVE-2026-9420
KLiK SocialMediaWebsite HTTP GET Request Parameter injection - CVE-2026-9376
JPress UCenter Article Submission Endpoint doWriteSave impro - CVE-2026-9373
JeecgBoot OpenAPI Endpoint call improper authentication - CVE-2026-9365
Ettercap GG Dissector ec_gg.c FUNC_DECODER heap-based overfl
V. Comments for CVE-2008-0300
No comments yet