header-logo
Suggest Exploit
vendor:
PHP JackKnife
by:
7.5
CVSS
HIGH
Input Validation
CWE
Product Name: PHP JackKnife
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

PHP JackKnife Input Validation Vulnerabilities

The PHP JackKnife application is prone to multiple input-validation vulnerabilities, including cross-site scripting (XSS) and SQL-injection issues. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

Mitigation:

To mitigate these vulnerabilities, it is recommended to implement proper input validation and sanitization techniques. Additionally, keeping the application and underlying software up to date can help prevent exploitation.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/24253/info
 
PHP JackKnife is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues.
 
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
 
http://www.example.com/PHPJK/Search/DisplayResults.php?DOMAIN_Link=&iSearchID=-1+UNION+SELECT+1,1,1,1,Login,1,Password,1,1,1,1,1,1,1+FROM+Accounts/*

Navigation

Suggest Exploit

Services By CQR