CyberSec.Space Logo
Back to CVE Browser

CVE-2008-3737

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0510%
EPSS Percentile7.63th
PublishedAug 27, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Unspecified vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to execute arbitrary PHP scripts, and delete files, read files, and possibly have unknown other impact.

Affected Platforms (CPE)

πŸ“¦
Spacetag

Lacoodast

<= 2.1.3
πŸ“¦
System Consultants

La Cooda Wiz

<= 1.4.0

References & Advisories

πŸ”— http://jvn.jp/en/jp/JVN53886050/index.html
πŸ”— http://secunia.com/advisories/31574
πŸ”— http://secunia.com/advisories/31582
πŸ”— http://wiz.syscon.co.jp/Details.htm
πŸ”— http://www.securityfocus.com/bid/30791
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/44594
πŸ”— http://jvn.jp/en/jp/JVN53886050/index.html
πŸ”— http://secunia.com/advisories/31574

Related Vulnerabilities

CVE-2008-37389.1

Session fixation vulnerability in SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to hijack web sessions via unspecif...

CVE-2008-37366.0

Multiple cross-site request forgery (CSRF) vulnerabilities in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceT...

CVE-2008-37394.3

Cross-site scripting (XSS) vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3...

CVE-2008-198910.0

PHP remote file inclusion vulnerability in 123flashchat.php in the 123 Flash Chat 6.8.0 module for e107, when register_globals is ...