6654 matches found
CVE-2020-10428
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-news.php by adding a question mark ? followed by the payload...
CVE-2020-10473
Reflected XSS in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort...
CVE-2020-10392
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/add-category.php by adding a question mark ? followed by the payload...
CVE-2020-10413
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/import-html.php by adding a question mark ? followed by the payload...
CVE-2020-10475
Reflected XSS in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort...
CVE-2020-10439
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/report-article-discussed.php by adding a question mark ? followed by the payload...
CVE-2020-10426
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-groups.php by adding a question mark ? followed by the payload...
CVE-2020-10408
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/edit-subscriber.php by adding a question mark ? followed by the payload...
CVE-2020-10417
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-articles.php by adding a question mark ? followed by the payload...
CVE-2020-10405
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/edit-glossary.php by adding a question mark ? followed by the payload...
CVE-2020-10414
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/index-attachments.php by adding a question mark ? followed by the payload...
CVE-2020-10427
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-languages.php by adding a question mark ? followed by the payload...
CVE-2020-10409
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/edit-template.php by adding a question mark ? followed by the payload...
CVE-2020-10430
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-subscribers.php by adding a question mark ? followed by the payload...
CVE-2020-10412
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/import-csv.php by adding a question mark ? followed by the payload...
CVE-2020-10474
Reflected XSS in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort...
CVE-2024-41516
A Reflected cross-site scripting XSS vulnerability in "ccHandler.aspx" CADClick = 1.11.0 allows remote attackers to inject arbitrary web script or HTML via the "bomid" parameter...
CVE-2024-41513
A reflected cross-site scripting XSS vulnerability in "Artikel.aspx" in CADClick v1.11.0 and before allows remote attackers to inject arbitrary web script or HTML via the "searchindex" parameter...
CVE-2025-13667
The WP Recipe Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Skill Level' input field in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticated...
CVE-2013-7318
Cross-site scripting XSS vulnerability in BusinessFlow/login in AlgoSec Firewall Analyzer 6.4 allows remote attackers to inject arbitrary web script or HTML via the message parameter...