Jaws CMS Directory Traversal Vulnerability Network Vulnerability

Summary

This host is running Jaws CMS and is prone to Directory Traversal Vulnerability.

Impact

Successful exploitation will let the attacker execute local file inclusion attacks and gain sensitive information about the remote system directories where Jaws CMS runs. Impact level: Application/System

Solution

Upgrade to the latest version 0.8.9 http://www.jaws-project.com

Insight

This flaw is due to error in file 'index.php' in 'language' parameter which lets the attacker execute local file inclusion attacks.

Affected

Jaws CMS 0.8.8 and prior

References

http://xforce.iss.net/xforce/xfdb/48476

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-0645

CVSS	Base Score: 6.5 AV:N/AC:L/Au:S/C:P/I:P/A:P

Related Vulnerabilities

Apache Tomcat NIO Connector Denial of Service Vulnerability
Apache Tomcat Cross-Site Scripting and Security Bypass Vulnerabilities
Apache Solr XML External Entity(XXE) Vulnerability-01 Jan-14
A4Desk Event Calendar 'eventid' Parameter SQL Injection Vulnerability
AeroMail Cross Site Request Forgery, HTML Injection and Cross Site Scripting Vulnerabilities

Take action and discover your vulnerabilities