Filtered by vendor Chadhaajay
Subscriptions
Total
119 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-10439 | 1 Chadhaajay | 1 Phpkb | 2024-08-04 | 4.8 Medium |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-article-discussed.php by adding a question mark (?) followed by the payload. | ||||
CVE-2020-10423 | 1 Chadhaajay | 1 Phpkb | 2024-08-04 | 4.8 Medium |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-feedbacks.php by adding a question mark (?) followed by the payload. | ||||
CVE-2020-10424 | 1 Chadhaajay | 1 Phpkb | 2024-08-04 | 4.8 Medium |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-fields.php by adding a question mark (?) followed by the payload. | ||||
CVE-2020-10391 | 1 Chadhaajay | 1 Phpkb | 2024-08-04 | 4.8 Medium |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-article.php by adding a question mark (?) followed by the payload. | ||||
CVE-2020-10418 | 1 Chadhaajay | 1 Phpkb | 2024-08-04 | 4.8 Medium |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-attachments.php by adding a question mark (?) followed by the payload. | ||||
CVE-2020-10458 | 1 Chadhaajay | 1 Phpkb | 2024-08-04 | 6.5 Medium |
Path Traversal in admin/imagepaster/operations.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete any folder on the webserver using a dot-dot-slash sequence (../) via the GET parameter crdir, when the GET parameter action is set to df, causing a Denial of Service. | ||||
CVE-2020-10390 | 1 Chadhaajay | 1 Phpkb | 2024-08-04 | 7.2 High |
OS Command Injection in export.php (vulnerable function called from include/functions-article.php) in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by saving the code to be executed as the wkhtmltopdf path via admin/save-settings.php. | ||||
CVE-2020-10393 | 1 Chadhaajay | 1 Phpkb | 2024-08-04 | 4.8 Medium |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-field.php by adding a question mark (?) followed by the payload. | ||||
CVE-2020-10413 | 1 Chadhaajay | 1 Phpkb | 2024-08-04 | 4.8 Medium |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/import-html.php by adding a question mark (?) followed by the payload. | ||||
CVE-2020-10434 | 1 Chadhaajay | 1 Phpkb | 2024-08-04 | 4.8 Medium |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-versions.php by adding a question mark (?) followed by the payload. | ||||
CVE-2020-10406 | 1 Chadhaajay | 1 Phpkb | 2024-08-04 | 4.8 Medium |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-group.php by adding a question mark (?) followed by the payload. | ||||
CVE-2020-10403 | 1 Chadhaajay | 1 Phpkb | 2024-08-04 | 4.8 Medium |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-comment.php by adding a question mark (?) followed by the payload. | ||||
CVE-2020-10429 | 1 Chadhaajay | 1 Phpkb | 2024-08-04 | 4.8 Medium |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-settings.php by adding a question mark (?) followed by the payload. | ||||
CVE-2020-10387 | 1 Chadhaajay | 1 Phpkb | 2024-08-04 | 4.9 Medium |
Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to download files from the server using a dot-dot-slash sequence (../) via the GET parameter file. | ||||
CVE-2020-10437 | 1 Chadhaajay | 1 Phpkb | 2024-08-04 | 4.8 Medium |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/optimize-database.php by adding a question mark (?) followed by the payload. | ||||
CVE-2020-10395 | 1 Chadhaajay | 1 Phpkb | 2024-08-04 | 4.8 Medium |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-group.php by adding a question mark (?) followed by the payload. | ||||
CVE-2020-10392 | 1 Chadhaajay | 1 Phpkb | 2024-08-04 | 4.8 Medium |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-category.php by adding a question mark (?) followed by the payload. | ||||
CVE-2020-10386 | 1 Chadhaajay | 1 Phpkb | 2024-08-04 | 7.2 High |
admin/imagepaster/image-upload.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by uploading a .php file in the admin/js/ directory. | ||||
CVE-2020-10397 | 1 Chadhaajay | 1 Phpkb | 2024-08-04 | 4.8 Medium |
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-news.php by adding a question mark (?) followed by the payload. |