PT-2008-4857 · Jnshosts · Jnshosts Php Hosting Directory

Romancyxhacker

Published

2008-08-04

Updated

2017-09-29

CVE-2008-3455

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions JnSHosts PHP Hosting Directory version 2.0

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the rd parameter in the include/admin.php file.

Recommendations For JnSHosts PHP Hosting Directory version 2.0, consider restricting access to the include/admin.php file to minimize the risk of exploitation. As a temporary workaround, avoid using the rd parameter in the affected URL until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2008-3455

Affected Products

Jnshosts Php Hosting Directory

PT-2008-4857 · Jnshosts · Jnshosts Php Hosting Directory

CVE-2008-3455

Weakness Enumeration

Related Identifiers

Affected Products

References · 6