Exploitation Summary
EIP tracks 1 public exploit for CVE-2004-2445. PoCs published by Fernando Quintero.
AI-analyzed exploit summary The writeup describes multiple vulnerabilities in JAWS, including XSS, directory traversal, and authentication bypass. It provides an example URI for exploiting the directory traversal vulnerability to disclose files.
Description
Directory traversal vulnerability in index.php in Jaws 0.3 BETA allows remote attackers to view arbitrary files via a .. (dot dot) in the gadget parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Fernando Quintero · textwebappsphp
https://www.exploit-db.com/exploits/24255
The writeup describes multiple vulnerabilities in JAWS, including XSS, directory traversal, and authentication bypass. It provides an example URI for exploiting the directory traversal vulnerability to disclose files.
Classification
Writeup 90%
Attack Type
Info Leak | Auth Bypass | Xss
Complexity
Trivial
Reliability
Theoretical
Target:
JAWS (version not specified)
No auth needed
Prerequisites:
Access to a vulnerable JAWS instance
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (5)
Core 5
Core References
Exploit vdb-entry
x_refsource_osvdb
http://www.osvdb.org/7722
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16620
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1010651
Exploit, Vendor Advisory mailing-list
x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0226.html
Exploit, Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/10670
Scores
EPSS
0.0843
EPSS Percentile
94.3%
Details
Status
published
Products (1)
jaws/jaws
0.3_beta
Published
Dec 31, 2004
Tracked Since
Feb 18, 2026