Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2008-7192

EPSS 0.08% · P23
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2008-7192

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board (wBB) 3.0.1, and possibly other 3.x versions, allows remote attackers to hijack the authentication of users for requests that delete private messages via the pmID parameter in a delete action in a PM page, a different vulnerability than CVE-2008-0472.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
WoltLab Burning Board 脚本index.php 跨站请求伪造漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
WoltLab Burning Board (wBB) 3.0.1和其他的3.x版本中的index.php存在跨站请求伪造漏洞。远程攻击者可以借助PM页的删除操作中的pmID参数,劫持用户用于发送请求的身份认证。该请求可以删除特权信息。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2008-7192

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2008-7192

Please Login to view more intelligence information

Same Patch Batch · n/a · 2009-09-09 · 24 CVEs total

CVE-2009-3124Ipmotor QuarkMail 'get_message.cgi'路径遍历漏洞
CVE-2009-2266oxid eshop 敏感信息泄露漏洞
CVE-2008-7191Pps.Jussieu Polipo未明漏洞
CVE-2008-7190Adium 未明漏洞
CVE-2008-7189Bastian_Blumentritt Local Media Browser 多个未明漏洞
CVE-2008-7188ClipShare 'siteadmin/useredit.php' 权限限制和访问控制漏洞
CVE-2008-7187Coppermine Photo Gallery 脚本include/slideshow.inc.php信息泄露漏洞
CVE-2008-7186Coppermine Photo Gallery 'update.php' 权限许可和访问控制漏洞
CVE-2009-3111FreeRADIUS src/lib/radius.c 'rad_decode()'拒绝服务漏洞
CVE-2009-3113OXID eShop 未明漏洞
CVE-2009-3112Oxidforge OXID eShop未明安全漏洞
CVE-2008-7193PHPKIT 跨站请求伪造漏洞
CVE-2009-2205Apple Java Update 'Java Web Start'缓冲区溢出漏洞
CVE-2009-3123Visavi Wap-Motor gallery/gallery.php路径遍历漏洞
CVE-2009-3122Drupal Ajax Table权限许可和访问控制漏洞
CVE-2009-3121Drupal Ajax Table跨站脚本攻击漏洞
CVE-2009-3120BIGACE Web CMS 'public/index.php'跨站脚本攻击漏洞
CVE-2009-3119X-Iweb.Ru Download System mSF SQL注入漏洞
CVE-2009-3118Danneo CMS 'mod/poll/comment.php' SQL注入漏洞
CVE-2009-3117snowhall silurus_system 脚本category.php SQL注入漏洞

Showing top 20 of 24 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2008-7192

No comments yet

Leave a comment