CVE-2020-10458

Path Traversal in admin/imagepaster/operations.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete any folder on the webserver using a dot-dot-slash sequence ../ via the GET parameter crdir, when the GET parameter action is set to df, causing a Denial of Service...

EUVD-2006-2185

Malware in sbrugna...

EUVD-2020-2913

Malware in sbrugna...

CVE-2020-10420

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-comments.php by adding a question mark ? followed by the payload...

PT-2020-12139 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to inject arbitrary web script or HTML via the sort parameter in the "admin/manage-departments.php" page. This enables reflected XSS attacks...

PT-2020-12095 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue concerns the handling of URIs in admin/header.php, which allows for Reflected XSS attacks. This can be exploited by injecting arbitrary web script or HTML in...