← Back to CVEs
CVE-2008-5810
N/ADescription
WBPublish (aka WBPublish.exe) in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allows remote attackers to execute arbitrary commands via shell metacharacters in input that is sent through HTTP and improperly used during temporary session data cleanup, possibly related to (1) directory names, (2) template names, and (3) session IDs.
CVE Details
CVSS v3.1 ScoreN/A
Published1/2/2009
Last Modified4/23/2026
Sourcenvd
Honeypot Sightings0
Affected Products
fujitsu-siemens:webtransactions
Weaknesses (CWE)
CWE-20
References
http://secunia.com/advisories/33168(cve@mitre.org)
http://securityreason.com/securityalert/4856(cve@mitre.org)
http://www.securityfocus.com/archive/1/499417/100/0/threaded(cve@mitre.org)
http://www.securityfocus.com/bid/32927(cve@mitre.org)
http://www.securitytracker.com/id?1021475(cve@mitre.org)
http://www.vupen.com/english/advisories/2008/3462(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47495(cve@mitre.org)
http://bs2www.fujitsu-siemens.de/update/securitypatch.htm#english(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/33168(af854a3a-2127-422b-91ae-364da2661108)
http://securityreason.com/securityalert/4856(af854a3a-2127-422b-91ae-364da2661108)
http://www.sec-consult.com/files/20081219-0_fujitsu-siemens_webta_cmdexec.txt(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/499417/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/32927(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1021475(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/3462(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47495(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.