CVE-2008-3093
published 2008-07-09CVE-2008-3093: Unrestricted file upload vulnerability in ImperialBB 2.3.5 and earlier allows remote authenticated users to upload and execute arbitrary PHP code by placing a…
PriorityP340medium6.5CVSS 2.0
AVNACLAuSCPIPAP
EXPLOIT
EPSS
2.17%
80.0th percentile
Unrestricted file upload vulnerability in ImperialBB 2.3.5 and earlier allows remote authenticated users to upload and execute arbitrary PHP code by placing a .php filename in the Upload_Avatar parameter and sending the image/gif content type.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phplizardo | imperialbb | <= 2.3.5 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
ET WEB_SPECIFIC_APPS OTManager ADM_Pagina.php Tipo Remote File Inclusion
suricata·2010-07-30·CVSS 10.0
CVE-2008-5063 [CRITICAL] ET WEB_SPECIFIC_APPS OTManager ADM_Pagina.php Tipo Remote File Inclusion
ET WEB_SPECIFIC_APPS OTManager ADM_Pagina.php Tipo Remote File Inclusion
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS OTManager ADM_Pagina.php Tipo Remote File Inclusion"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/ADM_Pagina.php?"; nocase; content:"Tipo="; nocase; pcre:"/Tipo=\s*(?:https?|ftps?|php)\:\//i"; reference:cve,CVE-2008-5063; reference:url,vupen.com/english/advisories/2008/3093; reference:url,secunia.com/advisories/32645; classtype:web-application-attack; sid:2009395; rev:7; metadata:created_at 2010_07_30, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_06, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Expl
Suricata
ET WEB_SPECIFIC_APPS OTManager ADM_Pagina.php Tipo Local File Inclusion
suricata·2010-07-30·CVSS 10.0
CVE-2008-5063 [CRITICAL] ET WEB_SPECIFIC_APPS OTManager ADM_Pagina.php Tipo Local File Inclusion
ET WEB_SPECIFIC_APPS OTManager ADM_Pagina.php Tipo Local File Inclusion
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS OTManager ADM_Pagina.php Tipo Local File Inclusion"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/ADM_Pagina.php?"; fast_pattern; nocase; content:"Tipo="; http.uri.raw; url_decode; content:"|2e 2e 2f|"; reference:cve,CVE-2008-5063; reference:url,vupen.com/english/advisories/2008/3093; reference:url,secunia.com/advisories/32645; classtype:web-application-attack; sid:2009396; rev:8; metadata:affected_product Web_Server_Applications, attack_target Server, created_at 2010_07_30, deployment Perimeter, deployment Internal, deployment Datacenter, confidence High, signature_severity Major, tag Local_File_Inclusion
No writeups or analysis indexed.
http://phplizardo.breizh-web.net/blog/2008/07/05/advisory-1-imperialbbhttp://secunia.com/advisories/30939http://www.securityfocus.com/bid/30100https://exchange.xforce.ibmcloud.com/vulnerabilities/43608https://www.exploit-db.com/exploits/6008http://phplizardo.breizh-web.net/blog/2008/07/05/advisory-1-imperialbbhttp://secunia.com/advisories/30939http://www.securityfocus.com/bid/30100https://exchange.xforce.ibmcloud.com/vulnerabilities/43608https://www.exploit-db.com/exploits/6008
2008-07-09
Published