The exploit demonstrates Local File Inclusion (LFI) and Remote File Inclusion (RFI) vulnerabilities in jevoncms due to insecure handling of user-supplied input in the 'libdir' and 'path' parameters. The PoC provides direct URLs to exploit these vulnerabilities without requiring authentication.
Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:jevoncms (version unspecified)
No auth needed
Prerequisites:Access to the vulnerable jevoncms installation