10 matches found
CVE-2022-37140
PayMoney 3.3 is vulnerable to Client Side Remote Code Execution RCE. The vulnerability exists on the reply ticket function and upload the malicious file. A calculator will open when the victim who download the file open the RTF file...
CVE-2022-37140
PayMoney 3.3 is vulnerable to Client Side Remote Code Execution RCE. The vulnerability exists on the reply ticket function and upload the malicious file. A calculator will open when the victim who download the file open the RTF file...
CVE-2022-37140
PayMoney 3.3 is vulnerable to Client Side Remote Code Execution RCE. The vulnerability exists on the reply ticket function and upload the malicious file. A calculator will open when the victim who download the file open the RTF file...
Remote code execution
PayMoney 3.3 is vulnerable to Client Side Remote Code Execution RCE. The vulnerability exists on the reply ticket function and upload the malicious file. A calculator will open when the victim who download the file open the RTF file...
CVE-2022-37140
PayMoney 3.3 is vulnerable to Client Side Remote Code Execution RCE. The vulnerability exists on the reply ticket function and upload the malicious file. A calculator will open when the victim who download the file open the RTF file...
Techvillage Paymoney 代码问题漏洞
Techvillage Paymoney is a secure online payment gateway from Techvillage Bangladesh. A security vulnerability exists in Techvillage Paymoney version 3.3, which stems from a malicious file that can be uploaded in the REPLY TICKET function, which opens a calculator when the victim of the downloaded...
Chadha PHPKB Cross-Site Scripting Vulnerability (CNVD-2020-17937)
Chadha Software Technologies PHPKB Standard Multi-Language is a web-based, multi-language knowledge base management system from Chadha Software Technologies, India. A reflected cross-site scripting vulnerability exists in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language version 9. T...
CVE-2020-10500
CSRF in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to reply to any ticket, given the id, via a crafted request...
CVE-2020-10438
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/reply-ticket.php by adding a question mark ? followed by the payload...
PT-2020-12108 · Chadha · Chadha Phpkb Standard Multi-Language
Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue concerns the handling of URIs in admin/header.php, which allows for Reflected XSS in admin/reply-ticket.php. This can be achieved by adding a question mark ? followed by th...