CVE-2009-2313

Jinzora Media Jukebox <2.8 - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in index.php in Jinzora Media Jukebox 2.8 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by dun · textwebappsphp

https://www.exploit-db.com/exploits/8278

View Code ZIP pw:eip

References (1)

Core 1

Core References

Exploit, Third Party Advisory exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/8278

Scores

EPSS 0.0189

EPSS Percentile 83.3%

Details

CWE

CWE-22

Status published

Products (37)

jinzora/jinzora 0.1.1

jinzora/jinzora 0.2

jinzora/jinzora 0.3 (3 CPE variants)

jinzora/jinzora 0.3.1

jinzora/jinzora 0.4

jinzora/jinzora 0.5

jinzora/jinzora 0.6.2

jinzora/jinzora 0.7

jinzora/jinzora 0.8.1

jinzora/jinzora 0.8.2

... and 27 more

Published Jul 02, 2009

Tracked Since Feb 18, 2026