CVE-2008-2497
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-2497
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
CRLF injection vulnerability in Mambo before 4.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Mambo Mambo 修复多个输入验证漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Mambo(也被称为Joomla)是一款开放源代码的WEB内容管理系统。 Mambo的4.6.4之前版本中存在多个输入验证错误,允许恶意用户执行SQL注入或HTTP响应拆分攻击。没有正确地过滤某些输入便返回给了用户,允许攻击者注入任意HTTP头并包含在发送给用户的响应中。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-2497
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-2497
Please Login to view more intelligence information
- http://forum.mambo-foundation.org/showthread.php?t=11799x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2008-2497
Same Patch Batch · n/a · 2008-05-28 · 22 CVEs total
| CVE-2008-2487 | MAXSITE maxsite 'index.php' SQL注入漏洞 | |
| CVE-2008-2498 | Mambo Mambo 版本修复多个输入验证漏洞 | |
| CVE-2008-2496 | Quate CMS 多个输入验证和跨站脚本攻击漏洞 | |
| CVE-2008-2495 | Pancake.org Zina ’index.php’多个输入验证错误漏洞 | |
| CVE-2008-2494 | Pancake.org Zina ’index.php’多个输入验证错误漏洞 | |
| CVE-2008-2493 | Campus Bulletin Board 'post3/Book.asp' SQL注入和跨站脚本攻击漏洞 | |
| CVE-2008-2492 | Campus Bulletin Board SQL注入和跨站脚本攻击漏洞 | |
| CVE-2008-2491 | ABK-Soft AbleSpace 'adv_cat.php' SQL注入漏洞 | |
| CVE-2008-2490 | typo3 kj_imagelightbox2 user input 跨站脚本攻击漏洞 | |
| CVE-2008-2489 | typo3 sg_zfelib user input SQL注入漏洞 | |
| CVE-2008-2488 | Cyril Beaussier RoomPHPlanning 'userform.php' 未授权访问漏洞 | |
| CVE-2008-2477 | MX-System 'index.php' SQL注入漏洞 | |
| CVE-2008-2486 | eMule Plus 'staticservers.dat' 未明安全漏洞 | |
| CVE-2008-2485 | PCPIN Chat 'inc/url_redirection.inc.php' 跨站脚本攻击漏洞 | |
| CVE-2008-2484 | Xomol_cms magic_quotes_gpc SQL注入漏洞 | |
| CVE-2008-2483 | Xomol CMS 'index.php' 目录遍历漏洞 | |
| CVE-2008-2482 | Insane Visions OneCMS load参数本地文件包含漏洞 | |
| CVE-2008-2481 | Simple Machines phpRaider phpbb3 Bridge 'phpbb3.functions.php'远程文件包含漏洞 | |
| CVE-2008-2480 | plusPHP Short URL 'plus.php' 多个-用户脚本远程文件包含漏洞 | |
| CVE-2008-2479 | netlab phpFix 'fix/browse.php' 'auth/00_pass.php' 多个SQL注入漏洞 |
Showing top 20 of 22 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2008-2497
No comments yet