Lucene search
+L

185 matches found

CVE
CVE
added 2020/03/12 1:5 p.m.47 views

CVE-2020-10472

Summary: CVE-2020-10472 is a reflected XSS vulnerability in Chadha PHPKB Standard Multi-Language 9, specifically in the admin/manage-templates.php page where the GET parameter “sort” can be tainted to inject arbitrary scripts. The affected component is the web application’s template management in...

4.8CVSS4.8AI score0.00611EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/03/12 1:5 p.m.19 views

CVE-2020-10471

Reflected XSS in admin/manage-articles.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort...

4.9AI score0.00733EPSS
Exploits1References2
CVE
CVE
added 2020/03/12 1:5 p.m.45 views

CVE-2020-10471

CVE-2020-10471 affects Chadha PHPKB Standard Multi-Language 9. It exposes a reflected XSS flaw in admin/manage-articles.php via the GET parameter sort, allowing injection of arbitrary script/HTML. The issue is caused by improper handling/sanitization of the sort parameter. The provided connected ...

4.8CVSS4.8AI score0.00733EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:5 p.m.43 views

CVE-2020-10470

The CVE-2020-10470 issue affects Chadha PHPKB Standard Multi-Language version 9, where a Reflected XSS exists in admin/manage-fields.php through the GET parameter sort. Attackers can inject arbitrary web script or HTML. The primary affected component is the sort parameter in the admin/manage-fiel...

4.8CVSS4.8AI score0.00611EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:5 p.m.45 views

CVE-2020-10469

CVE-2020-10469 affects Chadha PHPKB Standard Multi-Language 9. Affected component: the GET parameter sort on the admin/manage-departments.php page. Root cause: reflected cross-site scripting (XSS) vulnerability that allows injecting arbitrary web script/HTML. Exploitation details are described in...

4.8CVSS4.8AI score0.00611EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:5 p.m.47 views

CVE-2020-10468

CVE-2020-10468 is a reflected XSS vulnerability in Chadha PHPKB Standard Multi-Language 9, exploitable via the GET parameter p in admin/edit-news.php. Reported across multiple sources (NVD, Red Hat, CNVD, CVE listings) with the same description: an attacker can inject arbitrary web script or HTML...

4.8CVSS4.8AI score0.00611EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/03/12 1:5 p.m.23 views

CVE-2020-10466

Reflected XSS in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p...

4.9AI score0.00611EPSS
Exploits1References2
CVE
CVE
added 2020/03/12 1:5 p.m.44 views

CVE-2020-10465

Chadha PHPKB Standard Multi-Language v9 is affected by a reflected XSS in admin/edit-category.php, exploitable via the GET parameter p to inject arbitrary script/HTML. Root cause is improper handling of user input in the p parameter. Impact is XSS in web contexts, potentially affecting admin-faci...

4.8CVSS4.8AI score0.00611EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/03/12 1:5 p.m.26 views

CVE-2020-10464

Reflected XSS in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p...

4.9AI score0.00611EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/03/12 1:5 p.m.28 views

CVE-2020-10462

Reflected XSS in admin/edit-field.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p...

4.9AI score0.00611EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/03/12 1:5 p.m.29 views

CVE-2020-10461

The way comments in article.php vulnerable function in include/functions-article.php are handled in Chadha PHPKB Standard Multi-Language 9 allows attackers to execute Stored Blind XSS injecting arbitrary web script or HTML in admin/manage-comments.php, via the GET parameter cmt...

6.1AI score0.00742EPSS
Exploits1References2
CVE
CVE
added 2020/03/12 1:5 p.m.55 views

CVE-2020-10457

Path Traversal in Chadha PHPKB Standard Multi-Language 9 (admin/imagepaster/image-renaming.php) allows attackers to rename any file on the webserver via POST imgName and imgUrl using ../../../’ style sequences. Affected component: image-renaming functionality; root cause: improper validation of p...

4CVSS4AI score0.01084EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/03/12 1:5 p.m.60 views

CVE-2020-10456

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/trash-box.php by adding a question mark ? followed by the payload...

5AI score0.00733EPSS
Exploits1References2
CVE
CVE
added 2020/03/12 1:5 p.m.43 views

CVE-2020-10452

CVE-2020-10452 concerns Chadha PHPKB Standard Multi-Language 9. Reflected XSS via URIs processed in admin/header.php, enabling injection of script/HTML when an attacker crafts a URI that is passed to admin/add-article.php/save-article.php (and related admin pages as per connected Red Hat advisori...

4.8CVSS4.9AI score0.00733EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:4 p.m.46 views

CVE-2020-10446

CVE-2020-10446: Reflected XSS when handling URIs in Chadha PHPKB Standard Multi-Language 9. The description from Red Hat flags a reflected XSS in admin/header.php that can affect admin/report-category.php by appending a ? payload to the URI. No product version, exploit code, or explicit remediati...

4.8CVSS4.9AI score0.00611EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/03/12 1:4 p.m.27 views

CVE-2020-10445

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/report-article.php by adding a question mark ? followed by the payload...

5AI score0.00611EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/03/12 1:4 p.m.29 views

CVE-2020-10440

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/report-article-mailed.php by adding a question mark ? followed by the payload...

5AI score0.00611EPSS
Exploits1References2
CVE
CVE
added 2020/03/12 1:4 p.m.45 views

CVE-2020-10440

The connected Red Hat advisories confirm CVE-2020-10440 affects Chadha PHPKB Standard Multi-Language 9, where URIs are mishandled in admin/header.php, enabling Reflected XSS in admin/report-article-mailed.php via a crafted query (?payload). This is a reflected XSS through URI handling, allowing a...

4.8CVSS4.9AI score0.00611EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:4 p.m.54 views

CVE-2020-10438

CVE-2020-10438 affects Chadha PHPKB Standard Multi-Language 9: the URI handling in admin/header.php enables Reflected XSS in admin/reply-ticket.php when a payload is injected after a '?'. The Red Hat CVEs confirm similar patterns for related endpoints (e.g., admin/add-article.php), but the provid...

4.8CVSS4.9AI score0.00611EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:4 p.m.47 views

CVE-2020-10436

CVE-2020-10436 affects Chadha PHPKB Standard Multi-Language 9. The vulnerability is a Reflected XSS in the URI handling of admin/header.php, enabling injection of arbitrary scripts/HTML in admin/my-profile.php when a crafted URI containing a leading question mark and payload is used. The Red Hat ...

4.8CVSS4.9AI score0.00611EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder