Lucene search
K

185 matches found

Prion
Prion
added 2020/03/12 2:15 p.m.16 views

Cross site scripting

Reflected XSS in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort...

3.5CVSS4.8AI score0.00611EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2020/03/12 2:15 p.m.15 views

Cross site request forgery (csrf)

CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a department via a crafted request...

4.3CVSS4.6AI score0.00485EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2020/03/12 2:15 p.m.16 views

Cross site request forgery (csrf)

CSRF in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a category via a crafted request...

4.3CVSS6.3AI score0.0055EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2020/03/12 2:15 p.m.14 views

Cross site scripting

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/add-template.php by adding a question mark ? followed by the payload...

3.5CVSS4.9AI score0.00733EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2020/03/12 2:15 p.m.19 views

Cross site scripting

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-comments.php by adding a question mark ? followed by the payload...

3.5CVSS4.9AI score0.00611EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2020/03/12 2:15 p.m.15 views

Cross site request forgery (csrf)

CSRF in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a glossary term via a crafted request...

4.3CVSS4.6AI score0.00535EPSS
Exploits3References2Affected Software1
Prion
Prion
added 2020/03/12 2:15 p.m.16 views

Cross site scripting

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/reply-ticket.php by adding a question mark ? followed by the payload...

3.5CVSS4.9AI score0.00611EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2020/03/12 2:15 p.m.14 views

Cross site request forgery (csrf)

CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a category, given the id, via a crafted request...

4.3CVSS6.3AI score0.0055EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2020/03/12 2:15 p.m.19 views

Cross site scripting

Reflected XSS in admin/edit-field.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p...

3.5CVSS4.8AI score0.00611EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2020/03/12 2:15 p.m.16 views

Cross site scripting

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/report-article-monthly.php by adding a question mark ? followed by the payload...

3.5CVSS4.9AI score0.00611EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2020/03/12 2:15 p.m.18 views

Cross site request forgery (csrf)

CSRF in admin/manage-settings.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to change the global settings, potentially gaining code execution or causing a denial of service, via a crafted request...

6.8CVSS8.6AI score0.01136EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2020/03/12 1:15 p.m.18 views

Directory traversal

admin/imagepaster/image-upload.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by uploading a .php file in the admin/js/ directory...

6.5CVSS7AI score0.12339EPSS
Exploits5References4Affected Software1
CVE
CVE
added 2020/03/12 1:6 p.m.47 views

CVE-2020-10504

CVE-2020-10504 affects Chadha PHPKB Standard Multi-Language 9, where a CSRF flaw in admin/edit-comments.php enables an attacker to edit a comment by supplying an id via a crafted request. The vulnerability stems from insufficient CSRF protection in the affected endpoint, allowing unauthorized sta...

4.3CVSS4.5AI score0.00485EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:6 p.m.48 views

CVE-2020-10502

The CVE-2020-10502 issue affects Chadha PHPKB Standard Multi-Language 9. The vulnerable component is admin/manage-comments.php where CSRF allows an attacker to approve any comment by crafting a request with the comment id. Root cause is CSRF protection missing for the approval action, enabling un...

4.3CVSS4.5AI score0.00485EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:6 p.m.39 views

CVE-2020-10499

The connected records provide concrete details for CVE-2020-10499: Chadha PHPKB Standard Multi-Language v9 contains a cross-site request forgery (CSRF) flaw in the admin/manage-tickets.php endpoint. An attacker can close any ticket by crafting a request that, when executed by an authenticated use...

4.3CVSS4.5AI score0.00475EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/03/12 1:6 p.m.24 views

CVE-2020-10498

CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a category, given the id, via a crafted request...

6.4AI score0.0055EPSS
Exploits1References2
CVE
CVE
added 2020/03/12 1:6 p.m.51 views

CVE-2020-10498

CVE-2020-10498 affects Chadha PHPKB Standard Multi-Language 9. A CSRF vulnerability in admin/edit-category.php allows an attacker to edit a category by sending a crafted request (no explicit authentication bypass described). Root cause: missing/insufficient CSRF protection on the edit-category en...

6.5CVSS6.3AI score0.0055EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:6 p.m.43 views

CVE-2020-10497

The CVE-2020-10497 entry concerns Chadha PHPKB Standard Multi-Language 9, where a Cross-Site Request Forgery (CSRF) vulnerability exists in the admin/manage-categories.php endpoint. This weakness allows an attacker to cause the deletion of a category by sending a crafted request, due to insuffici...

6.5CVSS6.3AI score0.0055EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/03/12 1:6 p.m.46 views

CVE-2020-10495

CVE-2020-10495 is a CSRF vulnerability affecting Chadha PHPKB Standard Multi-Language 9. Assaults can edit an article template via crafted requests to admin/edit-template.php (requires id). Root cause is a CSRF weakness in the web application’s handling of template edits. The NVD entry lists a CV...

4.3CVSS4.5AI score0.00475EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/03/12 1:6 p.m.30 views

CVE-2020-10494

CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a news article, given the id, via a crafted request...

4.6AI score0.00485EPSS
Exploits1References2
Rows per page
Query Builder