Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2008-0803

EPSS 8.45% · P92
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2008-0803

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple PHP remote file inclusion vulnerabilities in LookStrike Lan Manager 0.9 allow remote attackers to execute arbitrary PHP code via a URL in the sys_conf[path][real] parameter to (1) modules\class\Table.php; (2) db_admins.php, (3) db_alert.php, (4) db_double.php, (5) db_games.php, (6) db_matches.php, (7) db_match_teams.php, (8) db_news.php, (9) db_platform.php, (10) db_players.php, (11) db_server_group.php, (12) db_server_ip.php, (13) db_teams.php, (14) db_team_players.php, (15) db_tournaments.php, (16) db_tournament_teams.php, and (17) db_trees.php in modules\class\db\; and (18) Match.php, (19) MatchTeam.php, (20) Rule.php, (21) RuleBuilder.php, (22) RulePool.php, (23) RuleSingle.php, (24) RuleTree.php, (25) Tournament.php, (26) TournamentTeam.php, (27) Tree.php, and (28) TreeSingle.php in modules\class\tournament\. NOTE: this can also be leveraged to include and execute arbitrary local files via directory traversal sequences.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
lookstrike lan_manager sys_conf[path][real] 参数 多个PHP远程文件包含漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
LookStrike Lan Manager 0.9中的多个PHP远程文件包含漏洞会允许远程攻击者通过sys_conf[path][real] 参数中一个url来执行任意PHP代码。漏洞存在(1) modules\class\Table.PHP; (2) db_admins.PHP, (3) db_alert.PHP, (4) db_double.PHP, (5) db_games.PHP, (6) db_matches.PHP, (7) db_match_teams.PHP, (8) db_news.P
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2008-0803

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2008-0803

Please Login to view more intelligence information

Same Patch Batch · n/a · 2008-02-15 · 25 CVEs total

CVE-2008-0530Cisco Unified IP Phone DNS响应 任意代码执行漏洞
CVE-2008-0788mybb 多个文件操作 跨站请求伪造漏洞
CVE-2008-0787MyBB inc/datahandlers/pm.PHP SQL注入漏洞
CVE-2008-0642Adobe RoboHelp 多个跨站脚本漏洞
CVE-2008-0794Affiliate Market 'user/header.PHP' 目录遍历漏洞
CVE-2008-0793Tendenci CMS 'search.asp' 多个跨站脚本漏洞
CVE-2008-0792多个F-Secure anti-virus产品 权限许可和访问控制漏洞
CVE-2008-0791Intermate WinIPDS ipdsserver.exe 拒绝服务攻击漏洞
CVE-2008-0790Intermate WinIPDS ipdsserver.exe 目录遍历漏洞
CVE-2008-0789LI-Countdown 'countdown.PHP' SQL 注入漏洞
CVE-2008-0777FreeBSD sendfile(2)函数 权限许可和访问控制
CVE-2008-0531Cisco Unified IP Phone challenge/response 消息 任意代码执行漏洞
CVE-2008-0795Joomla!和Mambo 'com_xfaq' XfaQ 组件 SQL 注入漏洞
CVE-2008-0529Cisco Unified IP Phone SCCP telnet服务器 缓冲区溢出漏洞
CVE-2008-0528Cisco Unified IP Phone SIP固件 Internet邮件扩展(MIME)编码 缓冲区溢出漏洞
CVE-2008-0527Cisco Unified IP Phone SCCP HTTP服务器 拒绝服务漏洞
CVE-2008-0526Cisco Unified IP Phone SCCP固件超大ICMP回显请求报文 拒绝服务漏洞
CVE-2008-0802Joomla! MediaSlide 组件 index.PHP SQL注入漏洞
CVE-2008-0801Joomla! PAXXGallery 组件 多个SQL注入漏洞
CVE-2008-0800Joomla! MCQuiz 组件 index.PHP SQL注入漏洞

Showing top 20 of 25 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2008-0803

No comments yet

Leave a comment