CVE-2008-1042
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-1042
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Directory traversal vulnerability in include/body.inc.php in Linux Web Shop (LWS) php Download Manager 1.0 and 1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the content parameter.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
LWS php Download Manager 'include/body.inc.php' 目录遍历漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux Web Shop (LWS) php Download Manager的include/body.inc.php存在目录遍历漏洞。远程攻击者可以借助content参数中的".."放入和运行任意的本地文件。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-1042
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-1042
Please Login to view more intelligence information
Same Patch Batch · n/a · 2008-02-27 · 19 CVEs total
| CVE-2008-1047 | TikiWiki 'tiki-edit_article.php' 跨站脚本攻击漏洞 | |
| CVE-2008-1055 | SurgeMail webmail.exe 远程格式化字符串漏洞 | |
| CVE-2008-1054 | SurgeMail CGI可执行程序缓冲区溢出漏洞 | |
| CVE-2008-1053 | PHP-Nuke Kose_Yazilari模块多个SQL注入漏洞 | |
| CVE-2008-1052 | SurgeFTP Content-Length参数空指针引用拒绝服务漏洞 | |
| CVE-2008-1051 | phpProfiles 'include/body_comm.inc.php' 远程文件包含漏洞 | |
| CVE-2008-1050 | Softbiz Jokes和Funny Pictures Script ‘index.php’ SQL注入漏洞 | |
| CVE-2008-1049 | H-Sphere Parallels SiteStudio 未明漏洞 | |
| CVE-2008-1048 | Plume CMS 'manager/xmedia.php' 跨站脚本攻击漏洞 | |
| CVE-2008-1037 | Packeteer PacketShaper/PolicyCenter 网页管理界面 跨站脚本攻击漏洞 | |
| CVE-2008-1046 | quinsonnas_mail_checker ‘footer.php’ 远程文件包含漏洞 | |
| CVE-2008-1045 | Alkacon OpenCms 'system/workplace/views/explorer/tree_files.jsp' 跨站脚本攻击漏洞 | |
| CVE-2008-1044 | Move Media Player Quantum Streaming IE播放器ActiveX控件 缓冲区溢出漏洞 | |
| CVE-2008-1043 | LWS php User Base 'templates/default/header.inc.php' 远程文件包含漏洞 | |
| CVE-2008-1041 | Matt's Whois 'mwhois.php' 跨站脚本攻击漏洞 | |
| CVE-2008-1040 | Fujitsu Interstage Application Server Single Sign-On函数 缓冲区溢出漏洞 | |
| CVE-2008-1039 | PORAR Webboard 'question.asp' SQL注入漏洞 | |
| CVE-2008-1038 | DrBenHur.com DBHcms 'mod.extmanager.php' 远程文件包含漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2008-1042
No comments yet