PHP remote file inclusion vulnerability in include/plugins/jrBrowser/purchase.php in Jamroom 3.3.0 up to and including 3.3.5, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the jamroom[jm_dir] parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jamroom jamroom 3.3.2 |
||
jamroom jamroom 3.3.3 |
||
jamroom jamroom 3.3.4 |
||
jamroom jamroom 3.3.5 |
||
jamroom jamroom 3.3.0 |
||
jamroom jamroom 3.3.1 |