CVE-2008-7151
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-7151
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in Live 5.x before 5.x-0.1, a module for Drupal, allows remote attackers to hijack the authentication of unspecified privileged users for requests that can be leveraged to execute arbitrary PHP code.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Gurpartap_Singh Drupal Live模块跨站请求伪造漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Drupal是Drupal社区所维护的一套用PHP语言开发的免费、开源的内容管理系统。 Drupal Live模块中存在跨站请求伪造漏洞。远程攻击者可以劫持未明特权用户的身份认证,以便发送用于执行任意的PHP代码的请求。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-7151
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-7151
Please Login to view more intelligence information
- http://drupal.org/node/236609x_refsource_CONFIRM
- http://drupal.org/node/236607x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2008-7151
Same Patch Batch · n/a · 2009-09-01 · 26 CVEs total
| CVE-2008-7141 | Alexphpteam lex Poll 'setup.php'跨站脚本攻击漏洞 | |
| CVE-2009-3038 | RIM BlackBerry Desktop Manager 拒绝服务漏洞 | |
| CVE-2009-3037 | Autonomy KeyView软件包XSL文件 远程缓冲区溢出漏洞 | |
| CVE-2008-7152 | Simon_Rycroft SID 'dir'参数远程文件包含漏洞 | |
| CVE-2008-7150 | Ber_Kessels Drupal Refine by Taxonomy模块跨站脚本攻击漏洞 | |
| CVE-2008-7149 | AgileWiki 未明漏洞 | |
| CVE-2008-7148 | synfig Animation studio 未明漏洞 | |
| CVE-2008-7147 | IntraLearn 跨站脚本攻击漏洞 | |
| CVE-2008-7146 | IntraLearn 敏感信息泄露漏洞 | |
| CVE-2008-7145 | CoronaMatrix phpAddressBook 'index.php' SQL注入漏洞 | |
| CVE-2008-7144 | rarlab winrar 多个未明漏洞 | |
| CVE-2008-7143 | phpbb 信息泄露漏洞 | |
| CVE-2008-7142 | cPanel 磁盘使用模块绝对路径游历漏洞 | |
| CVE-2009-3040 | OCS Inventory NG download.php和group_show.php SQL注入漏洞 | |
| CVE-2008-7140 | Alexguestbook lex Guestbook多个跨站脚本攻击漏洞 | |
| CVE-2008-7139 | Eye-Fi 'WS-Proxy'多个跨站请求伪造漏洞 | |
| CVE-2008-7138 | Eye-Fi管理器密码泄露漏洞 | |
| CVE-2008-7137 | Eye-Fi 'WS-Proxy'拒绝服务漏洞 | |
| CVE-2008-7136 | icq_toolbar 'toolbaru.dll' 多个远程拒绝服务漏洞 | |
| CVE-2008-7135 | icq_toolbar 'toolbaru.dll' 拒绝服务漏洞 |
Showing top 20 of 26 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8196
JeecgBoot mLogin Endpoint LoginController.java authorization - CVE-2026-8195
JeecgBoot SVG File CommonController.java cross site scriptin - CVE-2026-8194
osTicket Dispatcher class.dispatcher.php cross-site request - CVE-2026-8193
Akaunting Invoice PDF Rendering dompdf.php server-side reque - CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out-
V. Comments for CVE-2008-7151
No comments yet