CVE-2008-3375
published 2008-07-30

Priority: P357
Severity: high, 7.5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 3.56% (87.9th percentile)

The jrCookie function in includes/jamroom-misc.inc.php in JamRoom before 3.4.0 allows remote attackers to bypass authentication and gain administrative access via a boolean value within serialized data in a JMU_Cookie cookie.

Affected

68 ranges · showing 25
Vendor | Product | Version range | Fixed in
jamroom | jamroom | <= 3.3.8 |

Detection & IOCs (extracted from sources)

cookie: JMU_Cookie
path: includes/jamroom-misc.inc.php
  • Monitor for HTTP requests carrying a JMU_Cookie cookie whose value contains serialized PHP data with a boolean true/false value, which is the mechanism used to bypass authentication in the jrCookie function.
  • Flag any unauthenticated or low-privilege session that suddenly gains administrative access in JamRoom versions prior to 3.4.0, as exploitation grants full admin rights.
  • The vulnerable code path is specifically within the jrCookie function; patched versions (3.4.0 and above) are not affected. Confirm the application is running a vulnerable version (e.g., 3.3.8) before treating detections as true positives.
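
One way to implement the first check above, as an added example (not code from the source page or from JamRoom): it walks the URL-decoded cookie as PHP serialize() output and flags a boolean token only when it sits outside a string body, so a string that merely contains "b:1;" is not reported. It assumes the cookie is URL-encoded serialized data with no further encoding and that request logs include the Cookie header; the log format and the field names f1/f2 are constructed.

```python
import re
from urllib.parse import quote, unquote_to_bytes

COOKIE_RE = re.compile(r'\bJMU_Cookie=([^;\s"]+)')
STR_HDR = re.compile(rb's:(\d+):"')   # PHP string token header: s:<byte length>:"
BOOL_TOK = re.compile(rb'b:[01];')    # PHP boolean token

def has_serialized_bool(data: bytes) -> bool:
    """True if a boolean token occurs outside string bodies in PHP serialize() output."""
    i = 0
    while i < len(data):
        m = STR_HDR.match(data, i)
        if m:
            # Skip the header, the declared body length, and the closing '";'
            i = m.end() + int(m.group(1)) + 2
        elif BOOL_TOK.match(data, i):
            return True
        else:
            i += 1
    return False

def scan(lines):
    """Return 1-based numbers of log lines whose JMU_Cookie carries a serialized boolean."""
    hits = []
    for no, line in enumerate(lines, 1):
        m = COOKIE_RE.search(line)
        if m:
            # PHP URL-decodes cookie values, so '+' stands for a space
            value = unquote_to_bytes(m.group(1).replace("+", " "))
            if has_serialized_bool(value):
                hits.append(no)
    return hits

def _line(path, cookie=None):
    # Constructed log format (assumption): request line followed by the Cookie header
    c = f' cookie="JMU_Cookie={quote(cookie, safe="")}"' if cookie else ""
    return f'198.51.100.7 "GET {path} HTTP/1.1" 200{c}'

# Constructed samples; field names f1/f2 are placeholders, not JamRoom's cookie layout
SAMPLE = [
    _line("/index.php", 'a:2:{s:2:"f1";s:5:"alice";s:2:"f2";s:8:"0a1b2c3d";}'),
    _line("/index.php", 'a:2:{s:2:"f1";s:5:"alice";s:2:"f2";b:1;}'),
    _line("/index.php", 'a:1:{s:2:"f1";s:4:"b:1;";}'),
    _line("/index.php"),
]

if __name__ == "__main__":
    print(scan(SAMPLE))
```

A hit is only meaningful on an installation older than 3.4.0, as the last bullet notes.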