CVE-2007-3312

Jasmine CMS 1.0 - Authenticated Directory Traversal via u Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-3312. PoCs published by Silentz.

AI-analyzed exploit summary This exploit demonstrates SQL injection and remote code execution in Jasmine CMS 1.0 by injecting malicious PHP code into log files and leveraging a vulnerable parameter in plugin_manager.php. It also includes functionality to retrieve admin credentials via SQL injection.

Description

Directory traversal vulnerability in admin/plugin_manager.php in Jasmine CMS 1.0 allows remote authenticated administrators to include and execute arbitrary local files a .. (dot dot) in the u parameter. NOTE: a separate vulnerability could be leveraged to make this issue exploitable by remote unauthenticated attackers.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Silentz · phpwebappsphp

https://www.exploit-db.com/exploits/4081

View Code ZIP pw:eip

This exploit demonstrates SQL injection and remote code execution in Jasmine CMS 1.0 by injecting malicious PHP code into log files and leveraging a vulnerable parameter in plugin_manager.php. It also includes functionality to retrieve admin credentials via SQL injection.

Classification

Working Poc 100%

Attack Type

Rce | Sqli

Complexity

Moderate

Reliability

Reliable

Target: Jasmine CMS 1.0

No auth needed

Prerequisites: Target must have Jasmine CMS 1.0 installed · Web server must have write permissions to log files · PHP must be configured to allow file inclusion

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1105 - Ingress Tool Transfer

devstral-2 · analyzed Feb 18, 2026 Full analysis →