CVE-2008-4721

PHP Jabbers Post Comment - Information Disclosure

Title source: rule

Description

PHP Jabbers Post Comment 3.0 allows remote attackers to bypass authentication and gain administrative access by setting the PostCommentsAdmin cookie to "logged."

Exploits (1)

exploitdb WORKING POC VERIFIED

by Crackers_Child · textwebappsphp

https://www.exploit-db.com/exploits/6625

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/45503

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/6625

[Third Party Advisory] http://secunia.com/advisories/27991

[Third Party Advisory] http://securityreason.com/securityalert/4502

Scores

EPSS 0.0226

EPSS Percentile 84.4%

Classification

CWE

CWE-287 CWE-200

Status draft

Affected Products (1)

php_jabbers/post_comment

Timeline

Published Oct 23, 2008

Tracked Since Feb 18, 2026