CVE-2020-10448

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/report-referrers.php by adding a question mark ? followed by the payload...

CVE-2020-10388

The way the Referer header in article.php is handled in Chadha PHPKB Standard Multi-Language 9 allows attackers to execute Stored Blind XSS injecting arbitrary web script or HTML in admin/report-referrers.php vulnerable file admin/include/functions-articles.php...

Cross site scripting

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/report-referrers.php by adding a question mark ? followed by the payload...

CVE-2020-10388

The way the Referer header in article.php is handled in Chadha PHPKB Standard Multi-Language 9 allows attackers to execute Stored Blind XSS injecting arbitrary web script or HTML in admin/report-referrers.php vulnerable file admin/include/functions-articles.php...

CVE-2020-10388

Chadha PHPKB Standard Multi-Language v9 is affected by CVE-2020-10388 due to improper handling/validation of the Referer header in article.php, enabling Stored (Blind) XSS via admin/report-referrers.php (vulnerable code in admin/include/functions-articles.php). Affected component: PHPKB’s article...