CVE-2008-2886

Jamroom 3.3.0-3.3.5 - Remote Code Execution via jamroom[jm_dir] Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-2886. PoCs published by cyberlog.

AI-analyzed exploit summary The exploit describes a directory traversal vulnerability in CMS Jamroom 3.3.5, where the 'jamroom[jm_dir]' parameter in purchase.php can be manipulated to include arbitrary files, potentially leading to remote code execution if combined with file upload capabilities.

Description

PHP remote file inclusion vulnerability in include/plugins/jrBrowser/purchase.php in Jamroom 3.3.0 through 3.3.5, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the jamroom[jm_dir] parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by cyberlog · textwebappsphp

https://www.exploit-db.com/exploits/5876

View Code ZIP pw:eip

The exploit describes a directory traversal vulnerability in CMS Jamroom 3.3.5, where the 'jamroom[jm_dir]' parameter in purchase.php can be manipulated to include arbitrary files, potentially leading to remote code execution if combined with file upload capabilities.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: CMS Jamroom 3.3.5

No auth needed

Prerequisites: Access to the vulnerable endpoint · Ability to upload a shell or malicious file

MITRE ATT&CK