Description
Multiple SQL injection vulnerabilities in index.php in Jetbox CMS 2.1 allow remote attackers to execute arbitrary SQL commands via the (1) view or (2) login parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Jesper Jurcenoks · textwebappsphp
https://www.exploit-db.com/exploits/30066
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/24077
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/469223/100/0/threaded
Exploit, Vendor Advisory mailing-list
x_refsource_fulldisc
http://marc.info/?l=full-disclosure&m=117974433216496&w=2
Exploit, Vendor Advisory x_refsource_misc
http://www.netvigilance.com/advisory0028
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34387
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/34784
Scores
EPSS
0.0064
EPSS Percentile
70.7%
Details
Status
published
Products (1)
jetbox/jetbox_cms
2.1
Published
May 21, 2007
Tracked Since
Feb 18, 2026