CVE-2008-5043
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-5043
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the web-based interface in IBM Metrica Service Assurance Framework allow remote authenticated users to inject arbitrary web script or HTML via (1) the elementid parameter in a generatedreportresults action to the ReportTree program, (2) the jnlpname parameter to the Launch program, or (3) the :tasklabel parameter to the ReportRequest program, related to the name of a report.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
IBM Tivoli Netcool Service Quality Manager Web接口多个跨站脚本漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
IBM Tivoli Netcool Service Quality Manager是美国IBM公司的一套将服务质量管理和服务水平协议组合用来管理电信服务质量的解决方案。该方案提供监控和改进客户体验的质量、综合的数据收集和丰富的构建服务模型等功能。 Tivoli Netcool Service Quality Manager的Web接口中存在多个跨站脚本漏洞,已认证的用户可以使用报表生成功能创建名称中嵌入了恶意代码的报表,当在主面板中打开报表历史时就会在用户浏览器会话中执行注入的代码。 至少有以下三个页面
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-5043
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-5043
请登录查看更多情报信息。
- http://lists.grok.org.uk/pipermail/full-disclosure/2008-November/065520.htmlmailing-listx_refsource_FULLDISC
- https://nvd.nist.gov/vuln/detail/CVE-2008-5043
Same Patch Batch · n/a · 2008-11-12 · 11 CVEs total
| CVE-2008-4029 | Microsoft XML Core Services DTD跨域信息泄露漏洞 | |
| CVE-2008-4033 | Microsoft XML Core Services传输编码跨域信息泄露漏洞 | |
| CVE-2008-4037 | Microsoft Windows 授权问题漏洞 | |
| CVE-2008-5044 | Microsoft Windows UnhookWindowsHookEx 'win32k.sys' 本地拒绝服务漏洞 | |
| CVE-2008-5041 | Sweex RO002路由器默认帐号口令漏洞 | |
| CVE-2008-5042 | Zeeways PhotoVideoTube 'home.php' 身份认证绕过漏洞 | |
| CVE-2008-5037 | Elkagroup Image Gallery 'view.php' SQL注入漏洞 | |
| CVE-2008-5038 | Novell eDirectory NCP Get扩展信息请求远程堆内存破坏漏洞 | |
| CVE-2008-5039 | PHP-Nuke League模块跨站脚本攻击漏洞 | |
| CVE-2008-5040 | Graphiks MyForum 'myforum_login和myforum_pass' 身份认证绕过漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2008-5043
No comments yet