6 matches found
CVE-2020-10431
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-templates.php by adding a question mark ? followed by the payload...
Cross site scripting
Reflected XSS in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort...
Cross site scripting
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-templates.php by adding a question mark ? followed by the payload...
CVE-2020-10492
The CVE affects Chadha PHPKB Standard Multi-Language version 9. The vulnerability is a CSRF weakness exploitable via requests to the admin/manage-templates.php endpoint, enabling an attacker to delete an article template. The root cause is insufficient CSRF protection on that endpoint, allowing u...
CVE-2020-10472
Summary: CVE-2020-10472 is a reflected XSS vulnerability in Chadha PHPKB Standard Multi-Language 9, specifically in the admin/manage-templates.php page where the GET parameter “sort” can be tainted to inject arbitrary scripts. The affected component is the web application’s template management in...
CVE-2020-10431
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-templates.php by adding a question mark ? followed by the payload...