Unrated severityNVD Advisory· Published Jan 2, 2009· Updated Apr 23, 2026

CVE-2008-5810

Description

WBPublish (aka WBPublish.exe) in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allows remote attackers to execute arbitrary commands via shell metacharacters in input that is sent through HTTP and improperly used during temporary session data cleanup, possibly related to (1) directory names, (2) template names, and (3) session IDs.

Affected products

Fujitsu Siemens/Webtransactions2 versions
cpe:2.3:a:fujitsu-siemens:webtransactions:7.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:fujitsu-siemens:webtransactions:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:fujitsu-siemens:webtransactions:7.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bs2www.fujitsu-siemens.de/update/securitypatch.htmnvdPatch
secunia.com/advisories/33168nvdPatchVendor Advisory
securityreason.com/securityalert/4856nvd
www.sec-consult.com/files/20081219-0_fujitsu-siemens_webta_cmdexec.txtnvd
www.securityfocus.com/archive/1/499417/100/0/threadednvd
www.securityfocus.com/bid/32927nvd
www.securitytracker.com/idnvd
www.vupen.com/english/advisories/2008/3462nvd
exchange.xforce.ibmcloud.com/vulnerabilities/47495nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000