CVE-2006-7128

This Perl script exploits a remote file inclusion vulnerability in JAF CMS <= 4.0 RC1 by injecting a remote shell path into the 'website' parameter of the forum module. It uses a GUI interface to allow the attacker to specify the target URL, shell path, and command to execute.

This exploit demonstrates a Remote File Include (RFI) vulnerability in JAF-CMS 4.0 RC2. The exploit provides URLs that can be used to include arbitrary remote files via the 'website' and 'main_dir' parameters in multiple PHP scripts.