CyberSec.Space Logo
返回 CVE 浏览器

CVE-2008-2075

MEDIUM
4.3
CVSS Severity Score
EPSS Score0.1030%
EPSS Percentile44.35th
Published2008年5月5日
Last Modified2026年4月23日

Vulnerability Description

Cross-site scripting (XSS) vulnerability in pic.php in AstroCam 2.5.0 through 2.7.3 allows remote attackers to inject arbitrary web script or HTML via the picfile parameter.

Affected Platforms (CPE)

📦
Astrocam

Astrocam

= 2.5.0
📦
Astrocam

Astrocam

= 2.5.1
📦
Astrocam

Astrocam

= 2.5.2
📦
Astrocam

Astrocam

= 2.5.3
📦
Astrocam

Astrocam

= 2.5.4
📦
Astrocam

Astrocam

= 2.5.5
📦
Astrocam

Astrocam

= 2.5.5
📦
Astrocam

Astrocam

= 2.5.6
📦
Astrocam

Astrocam

= 2.5.6
📦
Astrocam

Astrocam

= 2.5.7
📦
Astrocam

Astrocam

= 2.5.8
📦
Astrocam

Astrocam

= 2.5.8
📦
Astrocam

Astrocam

= 2.5.8
📦
Astrocam

Astrocam

= 2.5.9
📦
Astrocam

Astrocam

= 2.6.0
📦
Astrocam

Astrocam

= 2.6.1
📦
Astrocam

Astrocam

= 2.6.2
📦
Astrocam

Astrocam

= 2.6.3
📦
Astrocam

Astrocam

= 2.6.4
📦
Astrocam

Astrocam

= 2.6.5
📦
Astrocam

Astrocam

= 2.6.6
📦
Astrocam

Astrocam

= 2.7.0
📦
Astrocam

Astrocam

= 2.7.1
📦
Astrocam

Astrocam

= 2.7.2
📦
Astrocam

Astrocam

= 2.7.3

References & Advisories

🔗 http://astrocam.svn.sourceforge.net/viewvc/astrocam/BUGS?view=markup
🔗 http://astrocam.svn.sourceforge.net/viewvc/astrocam/CHANGELOG?view=markup
🔗 http://astrocam.svn.sourceforge.net/viewvc/astrocam/v2.x/pic.php?r1=125&r2=126
🔗 http://secunia.com/advisories/30039
🔗 http://securityreason.com/securityalert/3852
🔗 http://www.securityfocus.com/archive/1/491513/100/0/threaded
🔗 http://www.securityfocus.com/bid/28998
🔗 http://www.wendzel.de/?sub=showpost&blogid=5&postid=56

相关漏洞威胁

CVE-2002-187410.0

astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a...

CVE-2007-14267.8

The web interface in AstroCam 2.0.0 through 2.6.5 allows remote attackers to cause a denial of service (daemon shutdown) via reque...

CVE-2008-535310.0

The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and...

CVE-2008-535510.0

The "Java Update" feature for Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 1...