CVE-2008-2478
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-2478
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
scripts/wwwacct in cPanel 11.18.6 STABLE and earlier and 11.23.1 CURRENT and earlier allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field (aka Email text box). NOTE: the vendor disputes this, stating "I'm unable to reproduce such an issue on multiple servers running different versions of cPanel.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
cPanel cPanel 'wwwact' 远程特权提升漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
**有争议的 **cPanel 11.18.6稳定版以及之前的版本和11.23.1目前版以及之前的版本中的scripts/wwwacct允许拥有代理特权的远程认证用户借助邮箱地址字段(又称电子邮件文本框)中的外壳元字符,执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-2478
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-2478
请登录查看更多情报信息。
Same Patch Batch · n/a · 2008-05-28 · 22 CVEs total
| CVE-2008-2488 | Cyril Beaussier RoomPHPlanning 'userform.php' 未授权访问漏洞 | |
| CVE-2008-2498 | Mambo Mambo 版本修复多个输入验证漏洞 | |
| CVE-2008-2497 | Mambo Mambo 修复多个输入验证漏洞 | |
| CVE-2008-2496 | Quate CMS 多个输入验证和跨站脚本攻击漏洞 | |
| CVE-2008-2495 | Pancake.org Zina ’index.php’多个输入验证错误漏洞 | |
| CVE-2008-2494 | Pancake.org Zina ’index.php’多个输入验证错误漏洞 | |
| CVE-2008-2493 | Campus Bulletin Board 'post3/Book.asp' SQL注入和跨站脚本攻击漏洞 | |
| CVE-2008-2492 | Campus Bulletin Board SQL注入和跨站脚本攻击漏洞 | |
| CVE-2008-2491 | ABK-Soft AbleSpace 'adv_cat.php' SQL注入漏洞 | |
| CVE-2008-2490 | typo3 kj_imagelightbox2 user input 跨站脚本攻击漏洞 | |
| CVE-2008-2489 | typo3 sg_zfelib user input SQL注入漏洞 | |
| CVE-2008-2477 | MX-System 'index.php' SQL注入漏洞 | |
| CVE-2008-2487 | MAXSITE maxsite 'index.php' SQL注入漏洞 | |
| CVE-2008-2486 | eMule Plus 'staticservers.dat' 未明安全漏洞 | |
| CVE-2008-2485 | PCPIN Chat 'inc/url_redirection.inc.php' 跨站脚本攻击漏洞 | |
| CVE-2008-2484 | Xomol_cms magic_quotes_gpc SQL注入漏洞 | |
| CVE-2008-2483 | Xomol CMS 'index.php' 目录遍历漏洞 | |
| CVE-2008-2482 | Insane Visions OneCMS load参数本地文件包含漏洞 | |
| CVE-2008-2481 | Simple Machines phpRaider phpbb3 Bridge 'phpbb3.functions.php'远程文件包含漏洞 | |
| CVE-2008-2480 | plusPHP Short URL 'plus.php' 多个-用户脚本远程文件包含漏洞 |
Showing top 20 of 22 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2008-2478
No comments yet