855 matches found
CVE-2020-10487
CSRF in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a glossary term via a crafted request...
CVE-2020-10487
CVE-2020-10487 affects Chadha PHPKB Standard Multi-Language 9. A CSRF flaw in admin/manage-glossary.php enables deletion of glossary terms via crafted requests. Root cause: insufficient CSRF protections on the glossary management endpoint. Impact: creation of unintended term deletions without val...
CVE-2020-10486
CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a comment via a crafted request...
CVE-2020-10486
The CVE-2020-10486 issue affects Chadha PHPKB Standard Multi-Language version 9, where a CSRF flaw in admin/manage-comments.php can let an attacker delete a comment via a crafted request. Root cause is CSRF vulnerability due to insufficient request forgery protections, enabling unauthorized actio...
CVE-2020-10485
CVE-2020-10485 concerns Chadha PHPKB Standard Multi-Language 9. a CSRF flaw in admin/manage-articles.php enables deletion of an article via a crafted request. Root cause: inadequate CSRF protection on the article-deletion endpoint. Affected product/version: Chadha PHPKB Standard Multi-Language 9....
CVE-2020-10484
CSRF in admin/add-field.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to create a custom field via a crafted request...
CVE-2020-10484
The CVE-2020-10484 entry concerns Chadha PHPKB Standard Multi-Language 9. A CSRF flaw in admin/add-field.php allows an attacker to create a custom field via a crafted request, as described across multiple connected sources. The vulnerability is rated CVSS v3.1 4.3 (Medium) with network attack vec...
CVE-2020-10483
CVE-2020-10483 is a CSRF vulnerability in Chadha PHPKB Standard Multi-Language 9, affecting the admin/ajax-hub.php endpoint. The weakness allows an attacker to cause arbitrary users to post a comment on any article via a crafted request. Documented impact: ability to post comments; no other data ...
CVE-2020-10483
CSRF in admin/ajax-hub.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to post a comment on any article via a crafted request...
CVE-2020-10482
CSRF in admin/add-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new article template via a crafted request...
CVE-2020-10482
The connected documents confirm CVE-2020-10482 affects Chadha PHPKB Standard Multi-Language version 9, via a CSRF weakness in admin/add-template.php that lets an attacker add a new article template with a crafted request. The vulnerability stems from insufficient CSRF protection in that endpoint....
CVE-2020-10481
CSRF in admin/add-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new glossary term via a crafted request...
CVE-2020-10481
CVE-2020-10481 affects Chadha PHPKB Standard Multi-Language 9. The vulnerability is a CSRF weakness in the endpoint admin/add-glossary.php that allows an attacker to add a new glossary term via a crafted request. Documented CVSS v3.1 base score is 4.3 (Medium) with network attack vector, low atta...
CVE-2020-10480
CSRF in admin/add-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new category via a crafted request...
CVE-2020-10480
CVE-2020-10480 affects Chadha PHPKB Standard Multi-Language 9. The vulnerability is a cross-site request forgery (CSRF) in admin/add-category.php that allows an attacker to add a new category via a crafted request, without requiring authentication. The root cause is insufficient CSRF protection o...
CVE-2020-10479
CSRF in admin/add-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new news article via a crafted request...
CVE-2020-10479
CVE-2020-10479 affects Chadha PHPKB Standard Multi-Language 9, where a CSRF flaw in admin/add-news.php allows adding a news article via a crafted request. The vulnerability is tied to a CSRF weakness in the /admin/add-news.php endpoint, enabling unauthorized article creation. Affected product/ver...
CVE-2020-10478
CSRF in admin/manage-settings.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to change the global settings, potentially gaining code execution or causing a denial of service, via a crafted request...
CVE-2020-10478
The CVE refers to Chadha PHPKB Standard Multi-Language 9, where CSRF in admin/manage-settings.php allows changing global settings. The root cause is insufficient validation/origin verification of requests, enabling an attacker to alter settings and potentially trigger code execution or a denial o...
CVE-2020-10477
Reflected XSS in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort...