CVE-2006-7127

This exploit demonstrates a Remote File Include (RFI) vulnerability in JAF-CMS 4.0 RC2. It provides URLs that can be used to include arbitrary remote files by manipulating the 'website' or 'main_dir' parameters.

This exploit demonstrates a remote file inclusion vulnerability in JAF CMS 4.0 by manipulating the 'main_dir' parameter to include arbitrary remote files. The vulnerable code does not properly sanitize user input, allowing an attacker to inject malicious URLs.