CVE-2007-3192

Just For Fun Network Management System <0.8.3 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-3192. PoCs published by Tim Brown.

AI-analyzed exploit summary The provided text describes multiple vulnerabilities in JFFNMS, including SQL injection, XSS, and information disclosure, but does not contain actual exploit code. It references a security advisory and affected versions.

Description

admin/setup.php in Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to read and modify configuration settings via a direct request.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Tim Brown · textwebappsphp
https://www.exploit-db.com/exploits/30174

The provided text describes multiple vulnerabilities in JFFNMS, including SQL injection, XSS, and information disclosure, but does not contain actual exploit code. It references a security advisory and affected versions.

Classification
Writeup 90%
Attack Type
Sqli | Xss | Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: Just For Fun Network Management and Monitoring System (JFFNMS) versions prior to 0.8.4-pre3
No auth needed
Prerequisites: Network access to the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/471039/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/24414
Exploit third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25587
Mailing List mailing-list x_refsource_fulldisc
http://marc.info/?l=full-disclosure&m=118151087109711&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/37168

Scores

EPSS 0.0356
EPSS Percentile 87.8%

Details

Status published
Products (1)
jffnms/just_for_fun_network_management_system 0.8.3
Published Jun 12, 2007
Tracked Since Feb 18, 2026