CVE-2005-4239

Php Jackknife < 2.21 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in Search/DisplayResults.php in PHP JackKnife 2.21 and earlier allows remote attackers to inject arbitrary web script or HTML via URL-encoded values in the sKeywords parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by r0t3d3Vil · textwebappsphp

https://www.exploit-db.com/exploits/26797

View Code ZIP pw:eip

References (4)

[Third Party Advisory] http://pridels0.blogspot.com/2005/12/php-jackknife-xss-vuln.html

[Exploit] http://www.securityfocus.com/bid/15841

[Third Party Advisory] http://secunia.com/advisories/18020

[Third Party Advisory] http://www.vupen.com/english/advisories/2005/2877

Scores

EPSS 0.0058

EPSS Percentile 68.6%

Classification

Status draft

Affected Products (1)

php_jackknife/php_jackknife < 2.21

Timeline

Published Dec 14, 2005

Tracked Since Feb 18, 2026