CyberSec.Space Logo
返回 CVE 浏览器

CVE-2008-6651

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1860%
EPSS Percentile21.45th
Published2009年4月7日
Last Modified2026年4月23日

Vulnerability Description

Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP code into oxyhistory.php via the oxymsg parameter.

Affected Platforms (CPE)

📦
Oxyproject

Oxybox

= 0.85

References & Advisories

🔗 http://www.securityfocus.com/bid/28992
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/42110
🔗 https://www.exploit-db.com/exploits/5524
🔗 http://www.securityfocus.com/bid/28992
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/42110
🔗 https://www.exploit-db.com/exploits/5524

相关漏洞威胁

CVE-2008-163310.0

Unspecified vulnerability in Mondo Rescue before 2.2.5 has unknown impact and attack vectors, related to the use of (1) /tmp and (...

CVE-2008-161110.0

Stack-based buffer overflow in TFTP Server SP 1.4 for Windows allows remote attackers to cause a denial of service or execute arbi...

CVE-2008-524410.0

Unspecified vulnerability in xine-lib before 1.1.15 has unknown impact and attack vectors related to libfaad. NOTE: due to the la...

CVE-2008-133110.0

cgi-data/FastJSData.cgi in OmniPCX Office with Internet Access services OXO210 before 210/091.001, OXO600 before 610/014.001, and ...