Unrated severityNVD Advisory· Published Mar 24, 2008· Updated Apr 23, 2026

CVE-2008-1487

Description

Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via (1) ftp/index.php, (2) viewer.php, (3) functions/other.php, (4) include/left_menu.class.php, and (5) plugins/stats/stats_view.php.

Affected products

Linpha/Linpha7 versions
cpe:2.3:a:linpha:linpha:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:linpha:linpha:*:*:*:*:*:*:*:*range: <=1.3.2
- cpe:2.3:a:linpha:linpha:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:linpha:linpha:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:linpha:linpha:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:linpha:linpha:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:linpha:linpha:1.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:linpha:linpha:1.3.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/29525nvdVendor Advisory
linpha.cvs.sourceforge.net/linpha/linpha/ChangeLognvd
linpha.sourceforge.net/wiki/index.php/Release_Notesnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000