CVE-2008-5878

EPSS 3.83% · P88 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2008-5878

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Multiple directory traversal vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to include and execute arbitrary files via a .. (dot dot) in the (1) boxname parameter to theme/superchrome/box.php and the (2) theme parameter to phpclanwebsite/footer.php.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Phpclanwebsite 多个目录遍历漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Phpclanwebsite是一款内容管理系统(CMS)。 Phpclanwebsite(又称PCW)1.23.3修复补丁5以及之前的版本中存在多个目录遍历漏洞。当magic_quotes_gpc被中止而register_globals被激活时，远程攻击者可以借助(1)对theme/superchrome/box.php的boxname参数(2)对phpclanwebsite/footer.php的主题参数中的".."包含和运行任意文件。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2008-5878

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2008-5878

请登录查看更多情报信息。

https://www.exploit-db.com/exploits/7515exploitx_refsource_EXPLOIT-DB
http://securityreason.com/securityalert/4881third-party-advisoryx_refsource_SREASON
http://www.securityfocus.com/bid/32915vdb-entryx_refsource_BID
http://secunia.com/advisories/33211third-party-advisoryx_refsource_SECUNIA
https://nvd.nist.gov/vuln/detail/CVE-2008-5878

Same Patch Batch · n/a · 2009-01-08 · 20 CVEs total

CVE-2009-0043		CA Service Metric Analysis和Service Level Managemen'smmsnmpd'任意命令执行漏洞
CVE-2008-5873		Yerba SACphp 多个远程安全漏洞
CVE-2008-5872		nortel multimedia_communication_server_5100 输入验证漏洞
CVE-2008-5871		nortel multimedia_communication_server_5100 信任管理漏洞
CVE-2008-5870		FastStone Image Viewer 多个BMP拒绝服务漏洞
CVE-2008-5869		proxim tsunami_mp.11_2411 跨站脚本攻击漏洞
CVE-2008-5868		IntelliTamper "CFG" 文件缓冲区溢出漏洞
CVE-2009-0072		Microsoft Internet Explorer 元素BODY 远程拒绝服务漏洞
CVE-2009-0071		Mozilla Firefox designMode空指针引用拒绝服务漏洞
CVE-2009-0070		Apple Safari安全漏洞
CVE-2008-0067		HP OpenView网络节点管理器HTTP请求多个栈溢出漏洞
CVE-2008-5880		Gobbl CMS Cookie 脚本auth.php 身份认证绕过漏洞
CVE-2008-5879		Phpclanwebsite 脚本index.php 跨站脚本攻击漏洞
CVE-2008-5877		Phpclanwebsite 多个输入验证漏洞
CVE-2008-5876		Irrlicht B3D加载器缓冲区溢出和代码执行漏洞
CVE-2008-5875		Joomla ! HBS com_lowcosthotels组件SQL注入漏洞
CVE-2008-5874		Joomla! HBS index.php脚本id参数SQL注入漏洞
CVE-2008-4827		多个厂商SizerOne ActiveX控件AddTab方式堆溢出漏洞
CVE-2008-3819		Cisco全球站点选择器DNS服务器远程拒绝服务漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2008-5878

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2008-5878

I. Basic Information for CVE-2008-5878

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2008-5878

III. Intelligence Information for CVE-2008-5878

Same Patch Batch · n/a · 2009-01-08 · 20 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2008-5878

Leave a comment