6 matches found
CVE-2020-10479
CSRF in admin/add-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new news article via a crafted request...
CVE-2020-10397
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/add-news.php by adding a question mark ? followed by the payload...
Cross site scripting
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/add-news.php by adding a question mark ? followed by the payload...
CVE-2020-10479
CVE-2020-10479 affects Chadha PHPKB Standard Multi-Language 9, where a CSRF flaw in admin/add-news.php allows adding a news article via a crafted request. The vulnerability is tied to a CSRF weakness in the /admin/add-news.php endpoint, enabling unauthorized article creation. Affected product/ver...
CVE-2020-10479
CSRF in admin/add-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new news article via a crafted request...
CVE-2020-10397
CVE-2020-10397 affects Chadha PHPKB Standard Multi-Language 9. The issue is a Reflected XSS in URI handling within admin/header.php, exploitable via admin/add-news.php by appending a question mark ? followed by payload. The Red Hat connected records corroborate a pattern of Reflected XSS in admin...