Lucene search
K

185 matches found

CVE
CVE
added 2020/03/12 1:6 p.m.46 views

CVE-2020-10494

CVE-2020-10494 is a CSRF vulnerability in Chadha PHPKB Standard Multi-Language 9 affecting the admin/edit-news.php endpoint. Affected component is the news-editing function; root cause is CSRF weakness allowing an attacker to edit a news article when a user with appropriate session interacts with...

4.3CVSS4.5AI score0.00485EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/03/12 1:5 p.m.23 views

CVE-2020-10493

CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a glossary term, given the id, via a crafted request...

4.6AI score0.00475EPSS
Exploits1References2
CVE
CVE
added 2020/03/12 1:5 p.m.49 views

CVE-2020-10491

The issue is a CSRF vulnerability in Chadha PHPKB Standard Multi-Language version 9, specifically affecting the endpoint admin/manage-departments.php. A crafted request can cause an attacker to add a department without proper authorization. The root cause is a CSRF weakness that allows unauthoriz...

4.3CVSS4.5AI score0.00485EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:5 p.m.42 views

CVE-2020-10490

CVE-2020-10490 describes a CSRF vulnerability in Chadha PHPKB Standard Multi-Language 9, where requests to admin/manage-departments.php can delete a department. Root cause: insufficient CSRF protection on the department-management endpoint. Affected product/version: Chadha PHPKB Standard Multi-La...

4.3CVSS4.5AI score0.00485EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:5 p.m.40 views

CVE-2020-10489

CVE-2020-10489 is a CSRF vulnerability in Chadha PHPKB Standard Multi-Language 9 affecting the admin/manage-tickets.php endpoint. An attacker can cause a user’s browser to issue a crafted request to delete a ticket, due to inadequate protection against cross-site request forgery. The CVE is docum...

4.3CVSS4.5AI score0.00485EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:5 p.m.44 views

CVE-2020-10488

CVE-2020-10488 describes a cross-site request forgery (CSRF) in Chadha PHPKB Standard Multi-Language 9. The vulnerability exists in the admin/manage-news.php endpoint, where a crafted request can cause deletion of a news article. Root cause: CSRF due to insufficient request validation/CSRF protec...

4.3CVSS4.5AI score0.00485EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:5 p.m.46 views

CVE-2020-10486

The CVE-2020-10486 issue affects Chadha PHPKB Standard Multi-Language version 9, where a CSRF flaw in admin/manage-comments.php can let an attacker delete a comment via a crafted request. Root cause is CSRF vulnerability due to insufficient request forgery protections, enabling unauthorized actio...

4.3CVSS4.5AI score0.00475EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:5 p.m.51 views

CVE-2020-10485

CVE-2020-10485 concerns Chadha PHPKB Standard Multi-Language 9. a CSRF flaw in admin/manage-articles.php enables deletion of an article via a crafted request. Root cause: inadequate CSRF protection on the article-deletion endpoint. Affected product/version: Chadha PHPKB Standard Multi-Language 9....

4.3CVSS4.5AI score0.00485EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:5 p.m.45 views

CVE-2020-10484

The CVE-2020-10484 entry concerns Chadha PHPKB Standard Multi-Language 9. A CSRF flaw in admin/add-field.php allows an attacker to create a custom field via a crafted request, as described across multiple connected sources. The vulnerability is rated CVSS v3.1 4.3 (Medium) with network attack vec...

4.3CVSS4.5AI score0.00475EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/03/12 1:5 p.m.30 views

CVE-2020-10483

CSRF in admin/ajax-hub.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to post a comment on any article via a crafted request...

4.6AI score0.00475EPSS
Exploits1References2
CVE
CVE
added 2020/03/12 1:5 p.m.47 views

CVE-2020-10483

CVE-2020-10483 is a CSRF vulnerability in Chadha PHPKB Standard Multi-Language 9, affecting the admin/ajax-hub.php endpoint. The weakness allows an attacker to cause arbitrary users to post a comment on any article via a crafted request. Documented impact: ability to post comments; no other data ...

4.3CVSS4.5AI score0.00475EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/03/12 1:5 p.m.32 views

CVE-2020-10482

CSRF in admin/add-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new article template via a crafted request...

4.6AI score0.00475EPSS
Exploits1References2
CVE
CVE
added 2020/03/12 1:5 p.m.48 views

CVE-2020-10482

The connected documents confirm CVE-2020-10482 affects Chadha PHPKB Standard Multi-Language version 9, via a CSRF weakness in admin/add-template.php that lets an attacker add a new article template with a crafted request. The vulnerability stems from insufficient CSRF protection in that endpoint....

4.3CVSS4.5AI score0.00475EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/03/12 1:5 p.m.28 views

CVE-2020-10480

CSRF in admin/add-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new category via a crafted request...

4.6AI score0.00567EPSS
Exploits1References2
CVE
CVE
added 2020/03/12 1:5 p.m.50 views

CVE-2020-10480

CVE-2020-10480 affects Chadha PHPKB Standard Multi-Language 9. The vulnerability is a cross-site request forgery (CSRF) in admin/add-category.php that allows an attacker to add a new category via a crafted request, without requiring authentication. The root cause is insufficient CSRF protection o...

4.3CVSS4.5AI score0.00567EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:5 p.m.40 views

CVE-2020-10479

CVE-2020-10479 affects Chadha PHPKB Standard Multi-Language 9, where a CSRF flaw in admin/add-news.php allows adding a news article via a crafted request. The vulnerability is tied to a CSRF weakness in the /admin/add-news.php endpoint, enabling unauthorized article creation. Affected product/ver...

4.3CVSS4.5AI score0.00475EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/03/12 1:5 p.m.27 views

CVE-2020-10478

CSRF in admin/manage-settings.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to change the global settings, potentially gaining code execution or causing a denial of service, via a crafted request...

8.7AI score0.01136EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/03/12 1:5 p.m.21 views

CVE-2020-10477

Reflected XSS in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort...

4.9AI score0.00611EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/03/12 1:5 p.m.29 views

CVE-2020-10476

Reflected XSS in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort...

4.9AI score0.00611EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/03/12 1:5 p.m.21 views

CVE-2020-10473

Reflected XSS in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort...

4.9AI score0.00611EPSS
Exploits1References2
Rows per page
Query Builder