9 matches found
EUVD-2020-2930
Malware in sbrugna...
SMF 跨站脚本漏洞
SMF Simple Machines Forum is a free, open source community forum project by Simple Machines Open Source. A cross-site scripting vulnerability exists in SMF version 2.1.4, which stems from improper manipulation of the subject/message parameter in the ManageNews.php file, which could lead to a...
Cross-site Scripting (XSS) - Stored in eventum/eventum
Description Multiple Stored XSS in Administration at eventum 3.10.8 Proof of Concept // PoC.payload " Step to Reproduct Goto Administration Areas and choose to feature below Manage News Input payload into fieldTitle Manage Status Input payload into fieldTitle Manage Projects Input payload into...
Chadha PHPKB Cross-Site Scripting Vulnerability (CNVD-2020-17361)
Chadha Software Technologies PHPKB Standard Multi-Language is a web-based, multi-language knowledge base management system from Chadha Software Technologies, India. A reflected cross-site scripting vulnerability exists in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9. The...
Chadha PHPKB Cross-Site Scripting Vulnerability (CNVD-2020-18336)
Chadha Software Technologies PHPKB Standard Multi-Language is a web-based, multi-language knowledge base management system from Chadha Software Technologies, India. A reflective cross-site scripting vulnerability exists in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9. The...
CVE-2020-10488
CSRF in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a news article via a crafted request...
CVE-2020-10428
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-news.php by adding a question mark ? followed by the payload...
CVE-2020-10428
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-news.php by adding a question mark ? followed by the payload...
PT-2020-12158 · Chadha · Chadha Phpkb Standard Multi-Language
Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to delete a news article via a crafted request to the "admin/manage-news.php" endpoint. This is made possible by a CSRF flaw. Recommendations: For Chadha...