Description
Cross-site scripting (XSS) vulnerability in index.php in QwikiWiki 1.4 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Dr^Death · textwebappsphp
https://www.exploit-db.com/exploits/27333
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/426319/100/0/threaded
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/510
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/24950
Exploit, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/16874
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/23700
Patch x_refsource_misc
http://sourceforge.net/forum/forum.php?forum_id=438526
Scores
EPSS
0.0654
EPSS Percentile
91.2%
Details
Status
published
Products (1)
david_barrett/qwikiwiki
1.4
Published
Mar 03, 2006
Tracked Since
Feb 18, 2026