CVE-2008-2024
Published: 2008-04-30
Priority: P4 · 17 · medium · CVSS 2.0 base score 4.3 · vector AV:N/AC:M/Au:N/C:N/I:P/A:N
Tags: EXPLOIT
EPSS: 1.55% (71.9th percentile)

Cross-site scripting (XSS) vulnerability in index.php in miniBB 2.2, and possibly earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the glang[] parameter in a registernew action.
Affected (22 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| minibb | minibb | <= 2.2 | — |
| msrc | windows_10 | — | — |
| msrc | windows_10_version_1607 | — | — |
| msrc | windows_10_version_1809 | — | — |
| msrc | windows_10_version_21h2 | — | — |
| msrc | windows_10_version_22h2 | — | — |
| msrc | windows_11_version_21h2 | — | — |
| msrc | windows_11_version_22h2 | — | — |
| msrc | windows_11_version_23h2 | — | — |
| msrc | windows_11_version_24h2 | — | — |
| msrc | windows_server_2008 | — | — |
| msrc | windows_server_2008_for_32-bit_systems_service_pack_2 | — | — |
| msrc | windows_server_2008_for_x64-based_systems_service_pack_2 | — | — |
| msrc | windows_server_2008_r2 | — | — |
| msrc | windows_server_2008_r2_for_x64-based_systems_service_pack_1 | — | — |
| msrc | windows_server_2012 | — | — |
| msrc | windows_server_2012_r2 | — | — |
| msrc | windows_server_2016 | — | — |
| msrc | windows_server_2019 | — | — |
| msrc | windows_server_2022 | — | — |
| msrc | windows_server_2022_23h2_edition | — | — |
| ruby | rexml | >= 0 < 3.3.3 | 3.3.3 |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
| vendor_msrc | — | 8.8 | HIGH | — |
| vendor_redhat | — | 7.8 | HIGH | — |
GHSA · 2024-08-02 · CVE-2024-41946 [MEDIUM] CWE-400
REXML DoS vulnerability
### Impact
The REXML gem before 3.3.2 has a DoS vulnerability when it parses an XML document that has many entity expansions with the SAX2 or pull parser API.
If you need to parse untrusted XML with the SAX2 or pull parser API, you may be affected by this vulnerability.
### Patches
The REXML gem 3.3.3 or later includes the patch that fixes the vulnerability.
### Workarounds
Don't parse untrusted XML with the SAX2 or pull parser API.
### References
* https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/ : a similar, earlier vulnerability
* https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41946/ : the announcement on www.ruby-lang.org
GHSA (unreviewed) · 2022-05-01 · CVE-2008-2024 [MEDIUM] CWE-79
GHSA-388v-j5gj-fhhc: Cross-site scripting (XSS) vulnerability in index.php
Cross-site scripting (XSS) vulnerability in index.php in miniBB 2.2, and possibly earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the glang[] parameter in a registernew action.
Red Hat · 2025-02-27 · CVSS 7.8 · CVE-2024-58004 [HIGH]
kernel: media: intel/ipu6: remove cpu latency qos request on error
In the Linux kernel, the following vulnerability has been resolved:
media: intel/ipu6: remove cpu latency qos request on error
Fix cpu latency qos list corruption like below. It happens when we do not remove cpu latency request on error path and free corresponding memory.
[ 30.634378] l7 kernel: list_add corruption. prev->next should be next (ffffffff9645e960), but was 0000000100100001. (prev=ffff8e9e877e20a8).
[ 30.634388] l7 kernel: WARNING: CPU: 2 PID: 2008 at lib/list_debug.c:32 __list_add_valid_or_report+0x83/0xa0
[ 30.634640] l7 kernel: Call Trace:
[ 30.634650] l7 kernel:
[ 30.634659] l7 kernel: ? __list_add_valid_or_report+0x83/0xa0
[ 30.634669] l7 kernel: ? __warn.cold+0x93/0xf6
[ 30.634678] l7 kernel: ? __list_ad
Suricata · 2011-07-01 · CVE-2008-2992
ET WEB_CLIENT Adobe Acrobat Util.printf Buffer Overflow Attempt
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_CLIENT Adobe Acrobat Util.printf Buffer Overflow Attempt"; flow:established,to_client; file.data; content:"util.printf|28 22 25|"; nocase; fast_pattern; pcre:"/util.printf\x28\x22\x25[^\x2C\x29]*f\x22\x2C/i"; reference:url,www.coresecurity.com/content/adobe-reader-buffer-overflow; reference:bid,30035; reference:cve,2008-2992; classtype:attempted-user; sid:2013152; rev:4; metadata:affected_product Web_Browsers, affected_product Web_Browser_Plugins, attack_target Client_Endpoint, created_at 2011_07_01, cve CVE_2008_2992, deployment Perimeter, confidence High, signature_severity Major, tag Web_Client_Attacks, updated_at 2024_04_09;)
Suricata · 2010-07-30 · CVE-2008-5267
ET WEB_SPECIFIC_APPS Experts answer.php question_id parameter SQL Injection
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Experts answer.php question_id parameter SQL Injection"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/answer.php?"; nocase; content:"question_id="; nocase; content:"UNION"; nocase; content:"SELECT"; nocase; distance:0; reference:cve,2008-5267; reference:url,milw0rm.com/exploits/5776; reference:bugtraq,29642; classtype:web-application-attack; sid:2008931; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, cve CVE_2008_5267, deployment Datacenter, signature_severity Major, tag SQL_Injection, updated_at 2024_03_06, mitre_tactic_id TA0001, mitre_tacti
Suricata · 2010-07-30 · CVSS 10.0 · CVE-2008-5063 [CRITICAL]
ET WEB_SPECIFIC_APPS OTManager ADM_Pagina.php Tipo Remote File Inclusion
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS OTManager ADM_Pagina.php Tipo Remote File Inclusion"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/ADM_Pagina.php?"; nocase; content:"Tipo="; nocase; pcre:"/Tipo=\s*(?:https?|ftps?|php)\:\//i"; reference:cve,CVE-2008-5063; reference:url,vupen.com/english/advisories/2008/3093; reference:url,secunia.com/advisories/32645; classtype:web-application-attack; sid:2009395; rev:7; metadata:created_at 2010_07_30, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_06, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Expl
Suricata · 2010-07-30 · CVSS 9.3 · CVE-2008-2898 [CRITICAL]
ET WEB_SPECIFIC_APPS Hedgehog CMS footer.php c_temp_path Remote File Inclusion
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Hedgehog CMS footer.php c_temp_path Remote File Inclusion"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/includes/footer.php?"; nocase; content:"c_temp_path"; nocase; pcre:"/c_temp_path=\s*(https?|ftps?|php)\:\//i"; reference:cve,CVE-2008-2898; reference:url,secunia.com/advisories/30778/; reference:url,milw0rm.com/exploits/8028; classtype:web-application-attack; sid:2009232; rev:8; metadata:created_at 2010_07_30, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_06, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_tec
Suricata · 2010-07-30 · CVSS 9.3 · CVE-2008-2898 [CRITICAL]
ET WEB_SPECIFIC_APPS Hedgehog CMS header.php c_temp_path Remote File Inclusion
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Hedgehog CMS header.php c_temp_path Remote File Inclusion"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/includes/header.php?"; nocase; content:"c_temp_path"; nocase; pcre:"/c_temp_path=\s*(https?|ftps?|php)\:\//i"; reference:cve,CVE-2008-2898; reference:url,secunia.com/advisories/30778/; reference:url,milw0rm.com/exploits/5904; classtype:web-application-attack; sid:2009233; rev:8; metadata:created_at 2010_07_30, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_06, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_tec
Suricata · 2010-07-30 · CVSS 5.0 · CVE-2008-0068 [MEDIUM]
ET WEB_SERVER HP OpenView Network Node Manager CGI Directory Traversal
Rule: alert http1 $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER HP OpenView Network Node Manager CGI Directory Traversal"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/OvCgi/"; nocase; content:"/OpenView5.exe?"; nocase; distance:0; fast_pattern; content:"Action=../../"; nocase; distance:0; http.protocol; content:"HTTP/1."; reference:bugtraq,28745; reference:cve,CVE-2008-0068; reference:url,aluigi.altervista.org/adv/closedviewx-adv.txt; classtype:web-application-attack; sid:2008171; rev:15; metadata:created_at 2010_07_30, deployment Perimeter, deployment Internal, confidence High, signature_severity Major, updated_at 2024_11_26, mitre_tactic_id TA0007, mitre_tactic_name Discov
Suricata · 2010-07-30 · CVE-2008-2649
ET WEB_SPECIFIC_APPS DesktopOnNet frontpage.php app_path Parameter Remote File Inclusion
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS DesktopOnNet frontpage.php app_path Parameter Remote File Inclusion"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/frontpage.php?"; nocase; content:"app_path="; nocase; pcre:"/app_path=\s*(https?|ftps?|php)\:\//i"; reference:cve,2008-2649; reference:url,xforce.iss.net/xforce/xfdb/42790; reference:url,milw0rm.com/exploits/5715; classtype:web-application-attack; sid:2009318; rev:8; metadata:created_at 2010_07_30, cve CVE_2008_2649, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_06, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_te
Suricata · 2010-07-30 · CVSS 6.8 · CVE-2008-3399 [MEDIUM]
ET WEB_SPECIFIC_APPS XRMS CRM workflow-activities.php include_directory Remote File Inclusion
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS XRMS CRM workflow-activities.php include_directory Remote File Inclusion"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/activities/workflow-activities.php?"; nocase; content:"include_directory="; nocase; pcre:"/include_directory=\s*(https?|ftps?|php)\:\//i"; reference:cve,CVE-2008-3399; reference:url,milw0rm.com/exploits/6131; reference:url,xforce.iss.net/xforce/xfdb/43992; classtype:web-application-attack; sid:2009870; rev:7; metadata:created_at 2010_07_30, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_06, mitre_tactic_id TA0001, mitre_ta
Suricata · 2010-07-30 · CVE-2008-2649
ET WEB_SPECIFIC_APPS DesktopOnNet don3_requiem.php app_path Parameter Remote File Inclusion
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS DesktopOnNet don3_requiem.php app_path Parameter Remote File Inclusion"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/don3_requiem.php?"; nocase; content:"app_path="; nocase; pcre:"/app_path=\s*(https?|ftps?|php)\:\//i"; reference:cve,2008-2649; reference:url,xforce.iss.net/xforce/xfdb/42790; reference:url,milw0rm.com/exploits/5715; classtype:web-application-attack; sid:2009317; rev:8; metadata:created_at 2010_07_30, cve CVE_2008_2649, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_06, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access,
Suricata · 2010-07-30 · CVSS 7.5 · CVE-2008-3022 [HIGH]
ET WEB_SPECIFIC_APPS phPortal gunaysoft.php uzanti Parameter Remote File Inclusion
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS phPortal gunaysoft.php uzanti Parameter Remote File Inclusion"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/gunaysoft.php?"; nocase; content:"uzanti="; nocase; pcre:"/uzanti=\s*(https?|ftps?|php)\:\//i"; reference:bugtraq,30064; reference:cve,CVE-2008-3022; reference:url,xforce.iss.net/xforce/xfdb/43569; classtype:web-application-attack; sid:2009327; rev:7; metadata:created_at 2010_07_30, signature_severity Major, updated_at 2024_03_06, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)
Suricata · 2010-07-30 · CVSS 7.5 · CVE-2008-3022 [HIGH]
ET WEB_SPECIFIC_APPS phPortal gunaysoft.php icerikyolu Parameter Remote File Inclusion
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS phPortal gunaysoft.php icerikyolu Parameter Remote File Inclusion"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/gunaysoft.php?"; nocase; content:"icerikyolu="; nocase; pcre:"/icerikyolu=\s*(https?|ftps?|php)\:\//i"; reference:bugtraq,30064; reference:cve,CVE-2008-3022; reference:url,xforce.iss.net/xforce/xfdb/43569; classtype:web-application-attack; sid:2009325; rev:7; metadata:created_at 2010_07_30, signature_severity Major, updated_at 2024_03_06, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)
Suricata · 2010-07-30 · CVSS 7.5 · CVE-2008-4371 [HIGH]
ET WEB_SPECIFIC_APPS AvailScript Article Script articles.php aIDS Parameter SQL Injection
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS AvailScript Article Script articles.php aIDS Parameter SQL Injection"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/articles.php?"; nocase; content:"aIDS="; nocase; content:"UNION"; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2008-4371; reference:url,secunia.com/advisories/31816/; reference:url,milw0rm.com/exploits/6409; classtype:web-application-attack; sid:2009747; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, signature_severity Major, tag SQL_Injection, updated_at 2024_03_06, mitre_t
References
* http://secunia.com/advisories/29997
* http://www.minibb.net/forums/9_5110_0.html
* http://www.securityfocus.com/bid/28930
* https://exchange.xforce.ibmcloud.com/vulnerabilities/42013
* https://www.exploit-db.com/exploits/5494