« JAWS Coding Guidelines
JAWS 0.4 released »


JAWS 0.3 Security fix

JAWS 0.3 has a security bug in index.php that allows to load files that aren't JAWS gadgets.

Example: http://example.com/index.php?gadget=../../../../../../../etc/passwd%00

To fix this issue, please replace your index.php with this:

http://jaws.com.mx/data/files/index.php.txt

Thanks to Fernando Quintero for report it face-wink.png .

ion | General | July 1, 10:27am