CVE-2008-5671
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-5671
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
PHP remote file inclusion vulnerability in index.php in Joomla! 1.0.11 through 1.0.14, when RG_EMULATION is enabled in configuration.php, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Joomla! 1.0.13 - 1.0.14 Undefined RG_EMULATION 远程文件包含漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Joomla!是一套采用PHP+MySQL数据库开发,可跨平台运行的内容管理系统。 Joomla! 1.0.11版本至1.0.14版本的index.php中存在PHP远程文件包含漏洞,当configuration.php中的RG_EMULATION被激活时,远程攻击者可以借助在mosConfig_absolute_path中的一个URL,执行任意PHP代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-5671
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-5671
Please Login to view more intelligence information
- Joomla 1.0.13 - 1.0.14 / (remote) PHP file inclusion possible if old configuration.php - CXSecurity.comthird-party-advisoryx_refsource_SREASON
- https://nvd.nist.gov/vuln/detail/CVE-2008-5671
Same Patch Batch · n/a · 2008-12-18 · 17 CVEs total
| CVE-2008-5675 | IBM WebSphere Portal and Workplace Web Content Management 未明安全绕过漏洞 | |
| CVE-2008-5676 | ModSecurity Transformation Caching 安全绕过漏洞 | |
| CVE-2008-5677 | kwalbum 输入验证漏洞 | |
| CVE-2008-5678 | OLIB7 WebView 'infile' Parameter本地文件包含漏洞 | |
| CVE-2008-5663 | Kusaba 'paint_save.php' 远程代码执行漏洞 | |
| CVE-2008-5664 | Realtek Media Player PLA文件缓冲区溢出漏洞 | |
| CVE-2008-5665 | XOOPS xhresim Module 'index.php' SQL注入漏洞 | |
| CVE-2008-5666 | Win FTP Server PASV命令远程拒绝服务漏洞 | |
| CVE-2008-5667 | Vba32 Personal Antivirus Archive Parsing 拒绝服务漏洞 | |
| CVE-2008-5668 | textpattern 跨站脚本攻击漏洞 | |
| CVE-2008-5669 | Textpattern 'index.php'拒绝服务攻击漏洞 | |
| CVE-2008-5670 | textpattern 信任管理漏洞 | |
| CVE-2008-5672 | phparanoid 跨站请求伪造漏洞 | |
| CVE-2008-5673 | phparanoid 权限许可和访问控制漏洞 | |
| CVE-2008-5674 | webcamXP多个信息泄露及拒绝服务漏洞 | |
| CVE-2008-5499 | Adobe Flash Player for Linux SWF文件处理代码执行漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8196
JeecgBoot mLogin Endpoint LoginController.java authorization - CVE-2026-8195
JeecgBoot SVG File CommonController.java cross site scriptin - CVE-2026-8194
osTicket Dispatcher class.dispatcher.php cross-site request - CVE-2026-8193
Akaunting Invoice PDF Rendering dompdf.php server-side reque - CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out-
V. Comments for CVE-2008-5671
No comments yet