CVE-2008-5810
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-5810
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
WBPublish (aka WBPublish.exe) in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allows remote attackers to execute arbitrary commands via shell metacharacters in input that is sent through HTTP and improperly used during temporary session data cleanup, possibly related to (1) directory names, (2) template names, and (3) session IDs.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Fujitsu-Siemens WebTransactions命令注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
WebTransactions是用于集成整合已有主机应用的解决方案。 WebTransactions没有充分地验证用户提供的输入,在清除临时会话数据时WBPublish.exe在某些情况下将未经验证的输入传送给了system()函数,这可能允许攻击者在受影响的系统上执行任意命令。无需认证便可以通过Web浏览器来利用这个漏洞。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-5810
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-5810
请登录查看更多情报信息。
- http://bs2www.fujitsu-siemens.de/update/securitypatch.htm#englishx_refsource_CONFIRM
- Fujitsu-Siemens WebTransactions Remote Command - CXSecurity.comthird-party-advisoryx_refsource_SREASON
- https://nvd.nist.gov/vuln/detail/CVE-2008-5810
Same Patch Batch · n/a · 2009-01-02 · 24 CVEs total
| CVE-2008-5809 | Futomi CGI Cafe Access Analyzer CGI Standard和Access Analyzer CGI Professional会话劫持漏洞 | |
| CVE-2008-2383 | Xterm 代码注入漏洞 | |
| CVE-2008-5820 | Edreamers eDare eDNews 'eDNews_view.php' SQL注入漏洞 | |
| CVE-2008-5819 | eDreamers eDContainer 脚本eDNews_archive.php 目录遍历漏洞 | |
| CVE-2008-5818 | eDreamers eDContainer 脚本index.php 目录遍历漏洞 | |
| CVE-2008-5817 | Web Scribble Solutions webClassifieds 'index.php' 多个SQL注入漏洞 | |
| CVE-2008-5816 | ILIAS 'repository.php' SQL注入漏洞 | |
| CVE-2008-5815 | phpAlumni 'Acomment.php' SQL注入漏洞 | |
| CVE-2008-5814 | php 跨站脚本攻击漏洞 | |
| CVE-2008-5813 | SPIP 'inc/rubriques.php'SQL注入漏洞 | |
| CVE-2008-5812 | SPIP 多个未明漏洞 | |
| CVE-2008-5811 | Joomla! Pax Gallery 组件 'gid' 参数SQL注入漏洞 | |
| CVE-2008-2381 | GForge 'GroupJoinRequest.class' SQL注入漏洞 | |
| CVE-2008-5808 | Six Apart Movable Type 跨站脚本攻击漏洞 | |
| CVE-2006-7236 | Invisible-Island xterm DECRQSS请求远程命令执行漏洞 | |
| CVE-2008-5828 | Microsoft MSN messenger IP地址泄露漏洞 | |
| CVE-2008-5827 | Nokia固件配置错误漏洞 | |
| CVE-2008-5826 | Nokia 6131 NFC手机防火墙 多个拒绝服务攻击漏洞 | |
| CVE-2008-5825 | Nokia 6131手机多个欺骗及拒绝服务漏洞 | |
| CVE-2008-5824 | 68K libaudiofile库msadpcm.c WAV文件处理缓冲区溢出漏洞 |
Showing top 20 of 24 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2008-5810
No comments yet