CyberSec.Space Logo
返回 CVE 浏览器

CVE-2008-0502

HIGH
7.5
CVSS Severity Score
EPSS Score0.1520%
EPSS Percentile12.06th
Published2008年1月31日
Last Modified2026年4月23日

Vulnerability Description

PHP remote file inclusion vulnerability in templates/Official/part_userprofile.php in Connectix Boards 0.8.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the template_path parameter.

Affected Platforms (CPE)

📦
Connectix

Connectix Boards

<= 0.8.2
📦
Connectix

Connectix Boards

= 0.8.1

References & Advisories

🔗 http://secunia.com/advisories/28704
🔗 http://www.securityfocus.com/bid/27506
🔗 http://www.vupen.com/english/advisories/2008/0363
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/40040
🔗 https://www.exploit-db.com/exploits/5012
🔗 http://secunia.com/advisories/28704
🔗 http://www.securityfocus.com/bid/27506
🔗 http://www.vupen.com/english/advisories/2008/0363

相关漏洞威胁

CVE-2007-12546.5

SQL injection vulnerability in part.userprofile.php in Connectix Boards 0.7 and earlier allows remote authenticated users to execu...

CVE-2007-12556.0

Unrestricted file upload vulnerability in admin.bbcode.php in Connectix Boards 0.7 and earlier allows remote authenticated adminis...

CVE-2008-665110.0

Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP c...

CVE-2008-461510.0

Unspecified vulnerability in i_utils.asp in PortalApp before 4.01a has unknown impact and attack vectors.