Search Results (83496 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-10404 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-field.php by adding a question mark (?) followed by the payload.
CVE-2020-10403 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-comment.php by adding a question mark (?) followed by the payload.
CVE-2020-10402 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-category.php by adding a question mark (?) followed by the payload.
CVE-2020-10401 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-article.php by adding a question mark (?) followed by the payload.
CVE-2020-10400 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/article-collaboration.php by adding a question mark (?) followed by the payload.
CVE-2020-10399 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-user.php by adding a question mark (?) followed by the payload.
CVE-2020-10398 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-template.php by adding a question mark (?) followed by the payload.
CVE-2020-10397 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-news.php by adding a question mark (?) followed by the payload.
CVE-2020-10396 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-language.php by adding a question mark (?) followed by the payload.
CVE-2020-10395 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-group.php by adding a question mark (?) followed by the payload.
CVE-2020-10394 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-glossary.php by adding a question mark (?) followed by the payload.
CVE-2020-10393 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-field.php by adding a question mark (?) followed by the payload.
CVE-2020-10392 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-category.php by adding a question mark (?) followed by the payload.
CVE-2020-10391 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-article.php by adding a question mark (?) followed by the payload.
CVE-2020-10390 1 Chadhaajay 1 Phpkb 2024-11-21 7.2 High
OS Command Injection in export.php (vulnerable function called from include/functions-article.php) in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by saving the code to be executed as the wkhtmltopdf path via admin/save-settings.php.
CVE-2020-10388 1 Chadhaajay 1 Phpkb 2024-11-21 5.4 Medium
The way the Referer header in article.php is handled in Chadha PHPKB Standard Multi-Language 9 allows attackers to execute Stored (Blind) XSS (injecting arbitrary web script or HTML) in admin/report-referrers.php (vulnerable file admin/include/functions-articles.php).
CVE-2020-10385 1 Wpforms 1 Contact Form 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability exists in the WPForms Contact Form (aka wpforms-lite) plugin before 1.5.9 for WordPress.
CVE-2020-10372 1 Ramp 1 Altimeter 2024-11-21 5.4 Medium
Ramp AltitudeCDN Altimeter before 2.4.0 allows authenticated Stored XSS via the vdms/ipmapping.jsp location field to the dms/rest/services/datastore/createOrEditValueForKey URI.
CVE-2020-10364 1 Mikrotik 26 Ccr1009-7g-1c-1s\+, Ccr1009-7g-1c-1s\+pc, Ccr1009-7g-1c-pc and 23 more 2024-11-21 7.5 High
The SSH daemon on MikroTik routers through v6.44.3 could allow remote attackers to generate CPU activity, trigger refusal of new authorized connections, and cause a reboot via connect and write system calls, because of uncontrolled resource management.
CVE-2020-10276 3 Easyrobotics, Mobile-industrial-robots, Uvd-robots 20 Er-flex, Er-flex Firmware, Er-lite and 17 more 2024-11-21 9.8 Critical
The password for the safety PLC is the default and thus easy to find (in manuals, etc.). This allows a manipulated program to be uploaded to the safety PLC, effectively disabling the emergency stop in case an object is too close to the robot. Navigation and any other components dependent on the laser scanner are not affected (thus it is hard to detect before something happens) though the laser scanner configuration can also be affected altering further the safety of the device.