Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-1318

Опубликовано: 17 апр. 2009
Источник: nvd
CVSS2: 6.5
EPSS Низкий

Описание

Directory traversal vulnerability in index.php in Jamroom 3.1.2, 3.2.3 through 3.2.6, 4.0.2, and possibly other versions before 3.4.0 allows remote attackers to include arbitrary files via directory traversal sequences in the t parameter.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:jamroom:jamroom:*:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:1.0:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:1.0:b1:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:1.0:b2:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:1.0:b3:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:1.0:b4:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:1.0:b5:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:2.0.9:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:2.0.9:a:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:2.6.10:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:2.6.11:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:2.6.12:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:2.60:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:2.60:rc2:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:2.60:rc3:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:2.61:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:2.62:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:2.63:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:2.64:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:2.65:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:2.66:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:2.67:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:2.68:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:2.69:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0:b1:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0:b2:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0:b3:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0:b4:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0:b5:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0:b6:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0:b7:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0:b8:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.8:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.9:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.10:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.11:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.12:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.13:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.14:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.15:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.16:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.17:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.18:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.19:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.20:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.21:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.22:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.23:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.24:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.25:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.26:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.27:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.28:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.29:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.0.30:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.1.0:b1:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.1.0:b2:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.1.0:b3:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.1.5:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.2.3:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.2.4:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.2.5:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.2.6:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.3.0:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.3.1:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.3.2:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.3.3:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.3.4:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.3.5:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.3.6:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.3.7:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:3.3.8:*:*:*:*:*:*:*
cpe:2.3:a:jamroom:jamroom:4.0.2:*:*:*:*:*:*:*

EPSS

Процентиль: 84%
0.02316
Низкий

6.5 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

github логотип

GHSA-55m7-fhr5-ph85

github
почти 4 года назад

Directory traversal vulnerability in index.php in Jamroom 3.1.2, 3.2.3 through 3.2.6, 4.0.2, and possibly other versions before 3.4.0 allows remote attackers to include arbitrary files via directory traversal sequences in the t parameter.

EPSS

Процентиль: 84%
0.02316
Низкий

6.5 Medium

CVSS2

Дефекты

CWE-22