855 matches found
CVE-2020-10500
CSRF in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to reply to any ticket, given the id, via a crafted request...
CVE-2020-10499
The connected records provide concrete details for CVE-2020-10499: Chadha PHPKB Standard Multi-Language v9 contains a cross-site request forgery (CSRF) flaw in the admin/manage-tickets.php endpoint. An attacker can close any ticket by crafting a request that, when executed by an authenticated use...
CVE-2020-10499
CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to close any ticket, given the id, via a crafted request...
CVE-2020-10498
CVE-2020-10498 affects Chadha PHPKB Standard Multi-Language 9. A CSRF vulnerability in admin/edit-category.php allows an attacker to edit a category by sending a crafted request (no explicit authentication bypass described). Root cause: missing/insufficient CSRF protection on the edit-category en...
CVE-2020-10498
CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a category, given the id, via a crafted request...
CVE-2020-10497
The CVE-2020-10497 entry concerns Chadha PHPKB Standard Multi-Language 9, where a Cross-Site Request Forgery (CSRF) vulnerability exists in the admin/manage-categories.php endpoint. This weakness allows an attacker to cause the deletion of a category by sending a crafted request, due to insuffici...
CVE-2020-10496
Chadha PHPKB Standard Multi-Language 9 is vulnerable to a Cross-Site Request Forgery (CSRF) in the admin/edit-article.php endpoint. The vulnerability allows an attacker to cause article edits by crafting a request that an authenticated user would submit, due to insufficient validation/CSRF protec...
CVE-2020-10496
CSRF in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article, given the id, via a crafted request...
CVE-2020-10495
CSRF in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article template, given the id, via a crafted request...
CVE-2020-10495
CVE-2020-10495 is a CSRF vulnerability affecting Chadha PHPKB Standard Multi-Language 9. Assaults can edit an article template via crafted requests to admin/edit-template.php (requires id). Root cause is a CSRF weakness in the web application’s handling of template edits. The NVD entry lists a CV...
CVE-2020-10494
CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a news article, given the id, via a crafted request...
CVE-2020-10494
CVE-2020-10494 is a CSRF vulnerability in Chadha PHPKB Standard Multi-Language 9 affecting the admin/edit-news.php endpoint. Affected component is the news-editing function; root cause is CSRF weakness allowing an attacker to edit a news article when a user with appropriate session interacts with...
CVE-2020-10493
CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a glossary term, given the id, via a crafted request...
CVE-2020-10493
The CVE-2020-10493 issue affects Chadha PHPKB Standard Multi-Language 9, where a CSRF vulnerability in admin/edit-glossary.php allows an attacker to edit a glossary term via a crafted request. The root cause is CSRF in the web application path used for glossary term edits. Documented impact is ed...
CVE-2020-10492
CSRF in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article template via a crafted request...
CVE-2020-10491
CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a department via a crafted request...
CVE-2020-10491
The issue is a CSRF vulnerability in Chadha PHPKB Standard Multi-Language version 9, specifically affecting the endpoint admin/manage-departments.php. A crafted request can cause an attacker to add a department without proper authorization. The root cause is a CSRF weakness that allows unauthoriz...
CVE-2020-10490
CVE-2020-10490 describes a CSRF vulnerability in Chadha PHPKB Standard Multi-Language 9, where requests to admin/manage-departments.php can delete a department. Root cause: insufficient CSRF protection on the department-management endpoint. Affected product/version: Chadha PHPKB Standard Multi-La...
CVE-2020-10489
CVE-2020-10489 is a CSRF vulnerability in Chadha PHPKB Standard Multi-Language 9 affecting the admin/manage-tickets.php endpoint. An attacker can cause a user’s browser to issue a crafted request to delete a ticket, due to inadequate protection against cross-site request forgery. The CVE is docum...
CVE-2020-10488
CVE-2020-10488 describes a cross-site request forgery (CSRF) in Chadha PHPKB Standard Multi-Language 9. The vulnerability exists in the admin/manage-news.php endpoint, where a crafted request can cause deletion of a news article. Root cause: CSRF due to insufficient request validation/CSRF protec...