Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 18/02/2009 Updated: 29/09/2017

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

VMScore: 655

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Directory traversal vulnerability in index.php in Jaws 0.8.8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) language, (2) Introduction_complete, and (3) use_log parameters, different vectors than CVE-2004-2445.

Vulnerable Product	Search on Vulmon	Subscribe to Product
jaws jaws 0.8.8

Jaws 088 Local File Inclusion POST /upgrade/indexphp language=////////////etc/passwd%00 POST /install/indexphp language=////////////etc/passwd%00 Also vulnerable: Introduction_complete use_log Author notified: Jan 24 # milw0rmcom [2009-02-04] ...

CWE-22 http://www.jaws-project.com/blog/show/jaws-089-released http://www.securityfocus.com/bid/33607 https://exchange.xforce.ibmcloud.com/vulnerabilities/48476 https://www.exploit-db.com/exploits/7976 https://nvd.nist.gov https://www.exploit-db.com/exploits/7976/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2009-0645

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect