CVE-2011-4095

MEDIUM

Jara 1.6 - Cross-Site Scripting

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-4095. PoCs published by Or4nG.M4N.

AI-analyzed exploit summary: This is a writeup detailing multiple vulnerabilities in Jara v1.6, including SQL injection, authentication bypass, and XSS. It provides vulnerable code snippets and exploit examples but does not include functional exploit code.

Description

Jara 1.6 has an XSS vulnerability.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Or4nG.M4N · text · webapps · php
https://www.exploit-db.com/exploits/18069

Classification: Writeup 90%
Attack Type: SQLi | Auth Bypass | XSS
Complexity: Trivial
Reliability: Theoretical
Target: Jara v1.6
No auth needed
Prerequisites: access to the vulnerable application
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
https://www.openwall.com/lists/oss-security/2011/10/31/4 · Exploit, Mailing List, Third Party Advisory · x_refsource_misc
https://seclists.org/oss-sec/2011/q4/193 · Mailing List, Third Party Advisory · x_refsource_misc

Scores

CVSS v3: 6.1
EPSS: 0.0130
EPSS Percentile: 66.8%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE: CWE-79
Status: published
Products (1): jara_project/jara 1.6
Published: Jan 21, 2020
Tracked Since: Feb 18, 2026