CVE-2008-6718

U&M Software JustBookIt 1.0 - Unauthenticated Improper Authentication in Admin Scripts

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-6718. PoCs published by G4N0K.

AI-analyzed exploit summary This is a writeup detailing an authentication bypass vulnerability in U&M Software JustBookIt v1.0. It lists specific admin panel paths that can be accessed without authentication.

Description

U&M Software JustBookIt 1.0 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct request to (1) user_manual.php, (2) user_config.php, (3) user_kundnamn.php, (4) user_kundlista.php, (5) user_aktiva_kunder.php, (6) database.php, and possibly (7) index.php.

Exploits (1)

exploitdb WRITEUP VERIFIED
by G4N0K · textwebappsphp
https://www.exploit-db.com/exploits/7033

This is a writeup detailing an authentication bypass vulnerability in U&M Software JustBookIt v1.0. It lists specific admin panel paths that can be accessed without authentication.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: U&M Software JustBookIt v1.0
No auth needed
Prerequisites: Access to the target application's admin panel paths
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/32166
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/7033

Scores

EPSS 0.0221
EPSS Percentile 80.2%

Details

CWE
CWE-287
Status published
Products (1)
uochm/justbookit 1.0
Published Apr 13, 2009
Tracked Since Feb 18, 2026