CVE-2008-4171
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-4171
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
SQL injection vulnerability in xmlout.php in Invision Power Board (IP.Board or IPB) 2.2.x and 2.3.x allows remote attackers to execute arbitrary SQL commands via the name parameter.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Invision Power Board name参数SQL注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Invision Power Board是一个非常流行的PHP论坛程序。 Invision Power Board的xmlout.php文件没有正确地验证用户请求中的name参数,远程攻击者可以通过向论坛提交恶意请求执行SQL注入攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-4171
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-4171
Please Login to view more intelligence information
- http://forums.invisionpower.com/index.php?showtopic=276512x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2008-4171
Same Patch Batch · n/a · 2008-09-22 · 18 CVEs total
| CVE-2008-3949 | GNU Emacs 'python.el' 代码执行漏洞 | |
| CVE-2008-4159 | Zanfi CMS lite 'index.php' SQL注入漏洞 | |
| CVE-2008-4158 | zanfi_solutions zanfi_solutions zanfi_cms_lite 路径游历漏洞 | |
| CVE-2008-4157 | Vastal I-Tech phpVID 'group.php' SQL注入漏洞 | |
| CVE-2008-4164 | MemHT Portal 'cron.php'信息泄露漏洞 | |
| CVE-2008-4163 | Windows平台ISC BIND 未明漏洞 | |
| CVE-2008-4162 | NooMS 'admin/auth.php' 开放重定向漏洞 | |
| CVE-2008-4161 | Assetman 'search_inv.php' SQL注入漏洞 | |
| CVE-2008-4160 | Sun Solaris UFS Filesystem 'acl(2)' 本地拒绝服务漏洞 | |
| CVE-2008-4165 | Kolab Groupware Server 'admin/user/create_user.php' 信息泄露漏洞 | |
| CVE-2008-4173 | proarcadescript SQL注入漏洞 | |
| CVE-2008-4172 | Cars & Vehicle 'page.php in' SQL注入漏洞 | |
| CVE-2008-4170 | osCommerce 2.2 RC 2a 'create_account.php'敏感信息泄露漏洞 | |
| CVE-2008-4169 | iscripts easyindex 'detaillist.php' SQL注入漏洞 | |
| CVE-2008-4168 | Pro2col Stingray FTS 'login.jsp' 跨站脚本攻击漏洞 | |
| CVE-2008-4167 | Easy Photo Gallery 'useradmin.php' 权限管理漏洞 | |
| CVE-2008-4166 | Avant Browser JavaScript引擎 整数溢出漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2008-4171
No comments yet