Total
119 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-10413 | 1 Chadhaajay | 1 Phpkb | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/import-html.php by adding a question mark (?) followed by the payload. | |||||
CVE-2020-10425 | 1 Chadhaajay | 1 Phpkb | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-glossary.php by adding a question mark (?) followed by the payload. | |||||
CVE-2020-10390 | 1 Chadhaajay | 1 Phpkb | 2023-12-10 | 6.5 MEDIUM | 7.2 HIGH |
OS Command Injection in export.php (vulnerable function called from include/functions-article.php) in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by saving the code to be executed as the wkhtmltopdf path via admin/save-settings.php. | |||||
CVE-2020-10407 | 1 Chadhaajay | 1 Phpkb | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-news.php by adding a question mark (?) followed by the payload. | |||||
CVE-2020-10433 | 1 Chadhaajay | 1 Phpkb | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-users.php by adding a question mark (?) followed by the payload. | |||||
CVE-2020-10422 | 1 Chadhaajay | 1 Phpkb | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-drafts.php by adding a question mark (?) followed by the payload. | |||||
CVE-2020-10436 | 1 Chadhaajay | 1 Phpkb | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/my-profile.php by adding a question mark (?) followed by the payload. | |||||
CVE-2020-10431 | 1 Chadhaajay | 1 Phpkb | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-templates.php by adding a question mark (?) followed by the payload. | |||||
CVE-2020-10396 | 1 Chadhaajay | 1 Phpkb | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-language.php by adding a question mark (?) followed by the payload. | |||||
CVE-2020-10414 | 1 Chadhaajay | 1 Phpkb | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/index-attachments.php by adding a question mark (?) followed by the payload. | |||||
CVE-2020-10411 | 1 Chadhaajay | 1 Phpkb | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/email-harvester.php by adding a question mark (?) followed by the payload. | |||||
CVE-2020-10427 | 1 Chadhaajay | 1 Phpkb | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-languages.php by adding a question mark (?) followed by the payload. | |||||
CVE-2020-10415 | 1 Chadhaajay | 1 Phpkb | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/index.php by adding a question mark (?) followed by the payload. | |||||
CVE-2020-10430 | 1 Chadhaajay | 1 Phpkb | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-subscribers.php by adding a question mark (?) followed by the payload. | |||||
CVE-2020-10393 | 1 Chadhaajay | 1 Phpkb | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-field.php by adding a question mark (?) followed by the payload. | |||||
CVE-2020-10388 | 1 Chadhaajay | 1 Phpkb | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
The way the Referer header in article.php is handled in Chadha PHPKB Standard Multi-Language 9 allows attackers to execute Stored (Blind) XSS (injecting arbitrary web script or HTML) in admin/report-referrers.php (vulnerable file admin/include/functions-articles.php). | |||||
CVE-2020-10403 | 1 Chadhaajay | 1 Phpkb | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-comment.php by adding a question mark (?) followed by the payload. | |||||
CVE-2020-10437 | 1 Chadhaajay | 1 Phpkb | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/optimize-database.php by adding a question mark (?) followed by the payload. | |||||
CVE-2020-10435 | 1 Chadhaajay | 1 Phpkb | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/my-languages.php by adding a question mark (?) followed by the payload. |