Product

Jamroom 1.0 B1


View All Versions

Vulnerability History

Weakness Analysis

Related Vulnerabilities

Vulnerability Severity Score Release Date Summary
CVE-2008-3375 7.5 July 30, 2008

The jrCookie function in includes/jamroom-misc.inc.php in JamRoom before 3.4.0 allows remote attackers to bypass authentication and gain administrative access via a boolean value within serialized data in a JMU_Cookie cookie.

CVE-2009-1318 6.5 April 17, 2009

Directory traversal vulnerability in index.php in Jamroom 3.1.2, 3.2.3 through 3.2.6, 4.0.2, and possibly other versions before 3.4.0 allows remote attackers to include arbitrary files via directory traversal sequences in the t parameter.

CVE-2010-2463 4.3 June 25, 2010

Cross-site scripting (XSS) vulnerability in forum.php in Jamroom before 4.1.9 allows remote attackers to inject arbitrary web script or HTML via the post_id parameter in a modify action.

CVE-2009-1318 6.5 April 17, 2009

Directory traversal vulnerability in index.php in Jamroom 3.1.2, 3.2.3 through 3.2.6, 4.0.2, and possibly other versions before 3.4.0 allows remote attackers to include arbitrary files via directory traversal sequences in the t parameter.

Followers