CyberSec.Space Logo
CVEブラウザに戻る

CVE-2009-1318

MEDIUM
6.5
CVSS Severity Score
EPSS Score0.0320%
EPSS Percentile13.56th
Published2009年4月17日
Last Modified2026年4月23日

Vulnerability Description

Directory traversal vulnerability in index.php in Jamroom 3.1.2, 3.2.3 through 3.2.6, 4.0.2, and possibly other versions before 3.4.0 allows remote attackers to include arbitrary files via directory traversal sequences in the t parameter.

Affected Platforms (CPE)

📦
Jamroom

Jamroom

All versions
📦
Jamroom

Jamroom

= 1.0
📦
Jamroom

Jamroom

= 1.0
📦
Jamroom

Jamroom

= 1.0
📦
Jamroom

Jamroom

= 1.0
📦
Jamroom

Jamroom

= 1.0
📦
Jamroom

Jamroom

= 1.0
📦
Jamroom

Jamroom

= 2.0.9
📦
Jamroom

Jamroom

= 2.0.9
📦
Jamroom

Jamroom

= 2.6.10
📦
Jamroom

Jamroom

= 2.6.11
📦
Jamroom

Jamroom

= 2.6.12
📦
Jamroom

Jamroom

= 2.60
📦
Jamroom

Jamroom

= 2.60
📦
Jamroom

Jamroom

= 2.60
📦
Jamroom

Jamroom

= 2.61
📦
Jamroom

Jamroom

= 2.62
📦
Jamroom

Jamroom

= 2.63
📦
Jamroom

Jamroom

= 2.64
📦
Jamroom

Jamroom

= 2.65
📦
Jamroom

Jamroom

= 2.66
📦
Jamroom

Jamroom

= 2.67
📦
Jamroom

Jamroom

= 2.68
📦
Jamroom

Jamroom

= 2.69
📦
Jamroom

Jamroom

= 3.0
📦
Jamroom

Jamroom

= 3.0
📦
Jamroom

Jamroom

= 3.0
📦
Jamroom

Jamroom

= 3.0
📦
Jamroom

Jamroom

= 3.0
📦
Jamroom

Jamroom

= 3.0
📦
Jamroom

Jamroom

= 3.0
📦
Jamroom

Jamroom

= 3.0
📦
Jamroom

Jamroom

= 3.0
📦
Jamroom

Jamroom

= 3.0.1
📦
Jamroom

Jamroom

= 3.0.2
📦
Jamroom

Jamroom

= 3.0.3
📦
Jamroom

Jamroom

= 3.0.4
📦
Jamroom

Jamroom

= 3.0.5
📦
Jamroom

Jamroom

= 3.0.6
📦
Jamroom

Jamroom

= 3.0.7
📦
Jamroom

Jamroom

= 3.0.8
📦
Jamroom

Jamroom

= 3.0.9
📦
Jamroom

Jamroom

= 3.0.10
📦
Jamroom

Jamroom

= 3.0.11
📦
Jamroom

Jamroom

= 3.0.12
📦
Jamroom

Jamroom

= 3.0.13
📦
Jamroom

Jamroom

= 3.0.14
📦
Jamroom

Jamroom

= 3.0.15
📦
Jamroom

Jamroom

= 3.0.16
📦
Jamroom

Jamroom

= 3.0.17
📦
Jamroom

Jamroom

= 3.0.18
📦
Jamroom

Jamroom

= 3.0.19
📦
Jamroom

Jamroom

= 3.0.20
📦
Jamroom

Jamroom

= 3.0.21
📦
Jamroom

Jamroom

= 3.0.22
📦
Jamroom

Jamroom

= 3.0.23
📦
Jamroom

Jamroom

= 3.0.24
📦
Jamroom

Jamroom

= 3.0.25
📦
Jamroom

Jamroom

= 3.0.26
📦
Jamroom

Jamroom

= 3.0.27
📦
Jamroom

Jamroom

= 3.0.28
📦
Jamroom

Jamroom

= 3.0.29
📦
Jamroom

Jamroom

= 3.0.30
📦
Jamroom

Jamroom

= 3.1.0
📦
Jamroom

Jamroom

= 3.1.0
📦
Jamroom

Jamroom

= 3.1.0
📦
Jamroom

Jamroom

= 3.1.0
📦
Jamroom

Jamroom

= 3.1.1
📦
Jamroom

Jamroom

= 3.1.2
📦
Jamroom

Jamroom

= 3.1.3
📦
Jamroom

Jamroom

= 3.1.4
📦
Jamroom

Jamroom

= 3.1.5
📦
Jamroom

Jamroom

= 3.2.0
📦
Jamroom

Jamroom

= 3.2.1
📦
Jamroom

Jamroom

= 3.2.2
📦
Jamroom

Jamroom

= 3.2.3
📦
Jamroom

Jamroom

= 3.2.4
📦
Jamroom

Jamroom

= 3.2.5
📦
Jamroom

Jamroom

= 3.2.6
📦
Jamroom

Jamroom

= 3.3.0
📦
Jamroom

Jamroom

= 3.3.1
📦
Jamroom

Jamroom

= 3.3.2
📦
Jamroom

Jamroom

= 3.3.3
📦
Jamroom

Jamroom

= 3.3.4
📦
Jamroom

Jamroom

= 3.3.5
📦
Jamroom

Jamroom

= 3.3.6
📦
Jamroom

Jamroom

= 3.3.7
📦
Jamroom

Jamroom

= 3.3.8
📦
Jamroom

Jamroom

= 4.0.2

References & Advisories

🔗 http://www.jamroom.net/index.php?m=td_tracker&o=view&id=1470
🔗 http://www.securityfocus.com/bid/34511
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/49869
🔗 https://www.exploit-db.com/exploits/8423
🔗 http://www.jamroom.net/index.php?m=td_tracker&o=view&id=1470
🔗 http://www.securityfocus.com/bid/34511
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/49869
🔗 https://www.exploit-db.com/exploits/8423

関連する脆弱性情報

CVE-2008-337610.0

Multiple unspecified vulnerabilities in JamRoom before 3.4.0 have unknown impact and attack vectors.

CVE-2008-28869.3

PHP remote file inclusion vulnerability in include/plugins/jrBrowser/purchase.php in Jamroom 3.3.0 through 3.3.5, when register_gl...

CVE-2008-33757.5

The jrCookie function in includes/jamroom-misc.inc.php in JamRoom before 3.4.0 allows remote attackers to bypass authentication an...

CVE-2008-28837.5

PHP remote file inclusion vulnerability in include/plugins/jrBrowser/payment.php in Jamroom 3.3.0 through 3.3.5 allows remote atta...

CVE-2009-1318 Detail & Impact Analysis | CVSS 6.5 (MEDIUM) | Cyber-Sec.Space | Cyber-Sec.Space