返回 CVE 浏览器

CVE-2008-6651

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1860%

EPSS Percentile21.45th

Published2009年4月7日

Last Modified2026年4月23日

Vulnerability Description

Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP code into oxyhistory.php via the oxymsg parameter.

Affected Platforms (CPE)

📦

Oxyproject

Oxybox

= 0.85

References & Advisories

🔗 http://www.securityfocus.com/bid/28992

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/42110

🔗 https://www.exploit-db.com/exploits/5524

🔗 http://www.securityfocus.com/bid/28992

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/42110

🔗 https://www.exploit-db.com/exploits/5524

相关漏洞威胁

FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta are ...

CVE-2026-477507.8

stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and mo...

CVE-2026-477477.8

stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and mo...

CVE-2026-464485.4

In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement a...