CVE-2008-6499

EPSS 2.41% · P85 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2008-6499

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

security/xamppsecurity.php in XAMPP 1.6.8 performs an extract operation on the SERVER superglobal array, which allows remote attackers to spoof critical variables, as demonstrated by setting the REMOTE_ADDR variable to 127.0.0.1.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

ApacheFriends XAMPP 'security/xamppsecurity.php'代码注入漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

XAMPP是一个易于安装的Apache web服务器集成包(MySQL和PHP，Perl中，FTP服务器和phpMyAdmin)，并支持各种操作系统包括：Linux，Solaris，Windows和Mac OS X。 XAMPP 1.6.8版本的security/xamppsecurity.php在SERVER superglobal数组上执行一项提取操作，这会允许远程攻击者骗取关键自变量，例如通过设置REMOTE_ADDR自变量成127.0.0.1。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2008-6499

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2008-6499

Please Login to view more intelligence information

https://www.exploit-db.com/exploits/7384exploitx_refsource_EXPLOIT-DB
https://exchange.xforce.ibmcloud.com/vulnerabilities/47202vdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2008-6499

Same Patch Batch · n/a · 2009-03-20 · 31 CVEs total

CVE-2008-6494		Robs Projects ASP User Engine.NET 权限许可和访问控制漏洞
CVE-2009-1031		SolarWinds Serv-U File Server 路径遍历漏洞
CVE-2009-1030		WordPress MU wp-includes/wpmu-functions.php模块跨站脚本漏洞
CVE-2009-1029		POP Peeper Date头处理栈溢出漏洞
CVE-2009-1028		Edisys eZip Wizard Zip File Stack 远程缓冲区溢出漏洞
CVE-2009-1027		OpenCart order参数SQL注入漏洞
CVE-2009-1026		Kim Websites 'login.php' SQL注入漏洞
CVE-2009-1025		Beerwin PHPLinkAdmin 'linkadmin.php'远程文件代码注入漏洞
CVE-2009-1024		Beerwin's PhpLinkAdmin 'edlink.php'及其他未明向量SQL注入漏洞
CVE-2009-1023		phpComasy 'index.php' SQL注入漏洞
CVE-2009-1022		Gomlab GOM Encoder .srt文件解析堆溢出漏洞
CVE-2008-6498		Apachefriends XAMPP 'security/xamppsecurity.php'多个跨站脚本攻击漏洞
CVE-2008-6497		Neostrada Livebox ADSL Router HTTP Request 拒绝服务漏洞
CVE-2008-6496		Visagesoft eXPert PDF EditorX ActiveX控件任意文件覆盖漏洞
CVE-2008-6495		yappa-ng 跨站脚本漏洞
CVE-2008-6500		CodeToad ASP Shopping Cart Script 默认UR查询字符串跨站脚本攻击漏洞
CVE-2008-6493		Easy-News Easy Content Management Publishing 'Database/News.mdb'权限许可和访问控制漏洞
CVE-2008-6492		Tizag Countdown Creater 'process.php' 任意文件上传漏洞
CVE-2009-1040		WinAsm Studio .wap项目文件处理堆溢出漏洞
CVE-2009-1039		CDex ogg文件处理缓冲区溢出漏洞

Showing top 20 of 31 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2008-6499

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2008-6499

I. Basic Information for CVE-2008-6499

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2008-6499

III. Intelligence Information for CVE-2008-6499

Same Patch Batch · n/a · 2009-03-20 · 31 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2008-6499

Leave a comment