CVE-2008-1790
Public Exploits 1
ExploitDB · 1 EDB-5402#CVE-2008-1790 [webapps]
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-1790
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Unrestricted file upload vulnerability in iScripts SocialWare allows remote authenticated administrators to upload arbitrary files via a crafted logo file in the "Manage Settings" functionality. NOTE: remote exploitation is facilitated by a separate SQL injection vulnerability.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
iScripts SocialWare任意文件上传漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
iScripts SocialWare中存在无限制文件上传漏洞。远程授权管理员通过"管理设置" 功能中的一个精心设计的标示文件来上传任意文件。注意: 远程开发因为一个分离的SQL注入漏洞而变得便捷。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-1790
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-1790
请登录查看更多情报信息。
Vendor Advisories for CVE-2008-1790 (5)
Exploits & Public PoCs for CVE-2008-1790 (1)
Same Patch Batch · n/a · 2008-04-15 · 18 CVEs total
| CVE-2008-1792 | INSERTION FILTER Drupal Flickr模块 跨站脚本攻击漏洞 | |
| CVE-2008-1800 | DivXDB 2002 index.php 多个跨站脚本攻击漏洞 | |
| CVE-2008-1799 | sabros.us 'thumbnails.php' 目录遍历漏洞 | |
| CVE-2008-1798 | Dragoon 'calendrier.php' 目录遍历漏洞 | |
| CVE-2008-1797 | Secure Computing Webwasher URL 远程拒绝服务漏洞 | |
| CVE-2008-1796 | Comix 未明拒绝服务漏洞 | |
| CVE-2008-1795 | Blackboard Academic Suite多个跨站脚本攻击漏洞 | |
| CVE-2008-1794 | Webform Drupal Webform 模块 跨站脚本攻击漏洞 | |
| CVE-2008-1793 | Smart Classified ADS 和 Smart Photo ADS 'view.cgi'多个跨站脚本攻击漏洞 | |
| CVE-2008-1782 | Advanced Software Engineering ChartDirector phpdemo/viewsource.php 信息泄露漏洞 | |
| CVE-2008-1791 | My Gaming Ladder ladder.php SQL注入漏洞 | |
| CVE-2008-1789 | Prozilla Forum forum.php SQL注入漏洞 | |
| CVE-2008-1788 | ProZIlla Entertainers directory.php SQL注入漏洞 | |
| CVE-2008-1787 | Poplar Gedcom Viewer index.php 多个跨站脚本攻击漏洞 | |
| CVE-2008-1785 | ProZIlla Top_100 delete.php 参数 输入验证漏洞 | |
| CVE-2008-1784 | Prozilla Topsites 多个安全绕过漏洞 | |
| CVE-2008-1783 | Prozilla Reviews UserID参数 安全绕过漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-9422
KLiK SocialMediaWebsite HTTP POST Request Parameter injectio - CVE-2026-9421
KLiK SocialMediaWebsite File upload.inc.php uniqid unrestric - CVE-2026-9420
KLiK SocialMediaWebsite HTTP GET Request Parameter injection - CVE-2026-9376
JPress UCenter Article Submission Endpoint doWriteSave impro - CVE-2026-9373
JeecgBoot OpenAPI Endpoint call improper authentication
V. Comments for CVE-2008-1790
No comments yet