CVE-2008-1037

Packeteer PacketShaper and PolicyCenter 8.2.2 - Cross-Site Scripting via FILELIST Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1037. PoCs published by nnposter.

AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in Packeteer PacketShaper and PolicyCenter due to insufficient input sanitization. It includes a proof-of-concept URL demonstrating the XSS payload.

Description

Cross-site scripting (XSS) vulnerability in the file listing function in the web management interface in Packeteer PacketShaper and PolicyCenter 8.2.2 allows remote attackers to inject arbitrary web script or HTML via the FILELIST parameter to an arbitrary component, which triggers injection into an Error Report page.

Exploits (1)

exploitdb WRITEUP VERIFIED
by nnposter · textremotehardware
https://www.exploit-db.com/exploits/31298

The provided text describes a cross-site scripting (XSS) vulnerability in Packeteer PacketShaper and PolicyCenter due to insufficient input sanitization. It includes a proof-of-concept URL demonstrating the XSS payload.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Packeteer PacketShaper and PolicyCenter
No auth needed
Prerequisites: User interaction required to visit a crafted URL
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29119
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27982
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/488712/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1019501
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3701

Scores

EPSS 0.0148
EPSS Percentile 70.5%

Details

CWE
CWE-79
Status published
Products (2)
packeteer/packetshaper 8.2.2
packeteer/policycenter 8.2.2
Published Feb 27, 2008
Tracked Since Feb 18, 2026