CVE-2008-6470
Multiple unspecified vulnerabilities in ClanSphere before 2008.2.1 allow remote attackers to obtain sensitive information, and possibly have unknown other impact, via vectors related to "javascript insert" and the (1) mods/messages/getusers.php and (2) mods/abcode/listimg.php files. NOTE: some of these details are obtained from third party information.
| Software | From | Fixed in |
|---|---|---|
| clansphere / clansphere | 2007.4.3 | 2007.4.3.x |
| clansphere / clansphere | - | 2008.x |
| clansphere / clansphere | 2007.4 | 2007.4.x |
| clansphere / clansphere | 2007.4.4 | 2007.4.4.x |
| clansphere / clansphere | 2007.4.1 | 2007.4.1.x |
| clansphere / clansphere | 2007.4.2 | 2007.4.2.x |
| clansphere / clansphere | 2007.3.1 | 2007.3.1.x |
- http://osvdb.org/48451
- http://secunia.com/advisories/31965
- http://sourceforge.net/project/shownotes.php?release_id=627530
- http://www.clansphere.net/index/news/view/id/289
- http://www.clansphere.net/index/news/view/id/306
- http://www.securityfocus.com/bid/31293
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45269
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime