EUVD-2009-0648

Malware in sbrugna...

EUVD-2005-1234

Malware in sbrugna...

CVE-2020-35656

Jaws through 1.8.0 allows remote authenticated administrators to execute arbitrary code via crafted use of admin.php?reqGadget=Components=InstallGadget∁=FileBrowser and admin.php?reqGadget=FileBrowser=Files to upload a .php file. NOTE: this is unrelated to the JAWS aka Job Access With Speech...

CVE-2020-35657

Jaws through 1.8.0 allows remote authenticated administrators to execute arbitrary code via crafted use of UploadTheme to upload a theme ZIP archive containing a .php file that is able to execute OS commands. NOTE: this is unrelated to the JAWS aka Job Access With Speech product...

JAWS index.php gadget Parameter Traversal Arbitrary File Access

The remote web server is running JAWS, a content management system written in PHP. Input to the 'gadget' parameter of index.php is not properly sanitized. A remote attacker could exploit this to read potentially sensitive data from the system. This information could also be used to mount further...

CVE-2004-2445

Directory traversal vulnerability in index.php in Jaws 0.3 BETA allows remote attackers to view arbitrary files via a .. dot dot in the gadget parameter...

CVE-2004-2444

Cross-site scripting XSS vulnerability in index.php in Jaws 0.3 allows remote attackers to inject arbitrary web script or HTML via the action parameter...

Jaws 0.2/0.3/0.4 - 'ControlPanel.php' SQL Injection

source: https://www.securityfocus.com/bid/10826/info JAWS is reportedly affected by a remote SQL injection vulnerability. This issue occurs in the controlpanel.php script due to a failure of the application to properly sanitize user-supplied URI parameter input before using it in an SQL query...