NVD

Id
4610  
Name
CVE-2008-4796  
Description
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and earlier, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote attackers to execute arbitrary commands via shell metacharacters in https URLs.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-03  
Published
2008-10-30  
Modified Date
2016-12-19  
Seq
2008-4796  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
28859 4610 CVE-2008-4796 JVN#20502807  View
28860 4610 CVE-2008-4796 JVNDB-2008-000074  View
28861 4610 CVE-2008-4796 http://sourceforge.net/forum/forum.php?forum_id=879959  View
28862 4610 CVE-2008-4796 DSA-1691  View
28863 4610 CVE-2008-4796 DSA-1871  View
28864 4610 CVE-2008-4796 [oss-security] 20081101 CVE-2008-4796: snoopy triage  View
28865 4610 CVE-2008-4796 20080907 xoops-1.3.10 shell command execute vulnerability ( causing snoopy class )  View
28866 4610 CVE-2008-4796 31887  View
28867 4610 CVE-2008-4796 ADV-2008-2901  View
28868 4610 CVE-2008-4796 snoopy-snoopyclass-command-execution(46068)  View
28869 4610 CVE-2008-4796 https://www.nagios.org/projects/nagios-core/history/4x/  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
45681 JVNDB-2008-000074 Snoopy における OS コマンドインジェクションの脆弱性 PHP ライブラリである Snoopy には、OS コマンドインジェクションの脆弱性が存在します。 CVE-2008-4796 34909 CVE-2008-4796 4610 5.1 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000074.html 2008-10-28 2008-11-28 View