CVE-2008-3454

JnSHosts PHP Hosting Directory 2.0 - Auth Bypass

Title source: llm

Description

JnSHosts PHP Hosting Directory 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the "adm" cookie value to 1.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Stack · textwebappsphp

https://www.exploit-db.com/exploits/6163

View Code ZIP pw:eip

References (5)

[Vendor Advisory] http://secunia.com/advisories/31235

[Exploit] http://www.securityfocus.com/bid/30444

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/6163

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/44110

[Third Party Advisory] http://securityreason.com/securityalert/4105

Scores

EPSS 0.0249

EPSS Percentile 85.1%

Classification

CWE

CWE-264

Status draft

Affected Products (1)

jnshosts/php_hosting_directory

Timeline

Published Aug 04, 2008

Tracked Since Feb 18, 2026