PT-2020-12170 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to reply to any ticket, given the id, via a crafted request to the "admin/reply-ticket.php" endpoint. This is made possible by a CSRF weakness in the...

PT-2020-12152 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to add a new article template via a crafted request to the "admin/add-template.php" endpoint. This is made possible by a CSRF weakness. Recommendations: Fo...

PT-2020-12161 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to add a department via a crafted request to the admin/manage-departments.php endpoint. This is made possible by a CSRF weakness. Recommendations: For Chad...

PT-2020-12142 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to inject arbitrary web script or HTML via the sort parameter in the "admin/manage-templates.php" page. This can lead to reflected XSS attacks...

PT-2020-12151 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to add a new glossary term via a crafted request to the admin/add-glossary.php endpoint. This is made possible by a CSRF weakness. Recommendations: For...

PT-2020-12168 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to edit a category, given the id, via a crafted request to the "admin/edit-category.php" endpoint. This is made possible by a CSRF weakness in the software...

PT-2020-12132 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to inject arbitrary web script or HTML via the GET parameter p in the admin/edit-field.php file. This enables attackers to perform a Reflected XSS attack...

PT-2020-12166 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to edit an article, given the id, via a crafted request to the "admin/edit-article.php" endpoint. This is made possible by a CSRF weakness. Recommendations...

PT-2020-12139 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to inject arbitrary web script or HTML via the sort parameter in the "admin/manage-departments.php" page. This enables reflected XSS attacks...

PT-2020-12134 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to inject arbitrary web script or HTML via the GET parameter p in the admin/edit-article.php file. This enables reflected XSS attacks. Recommendations: For...

PT-2020-12144 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to inject arbitrary web script or HTML via the sort parameter in the "admin/manage-comments.php" page. This enables attackers to perform a Reflected XSS...

PT-2020-12167 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to delete a category via a crafted request to the admin/manage-categories.php endpoint. This is made possible by a CSRF weakness. Recommendations: For Chad...

PT-2020-12172 · Chadha · Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to approve any comment by providing the id via a crafted request to the admin/manage-comments.php endpoint. Recommendations: For version 9, consider...

PT-2020-12136 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to inject arbitrary web script or HTML via the p parameter in the admin/edit-glossary.php file. This enables reflected XSS attacks. Recommendations: For...

PT-2020-12158 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to delete a news article via a crafted request to the "admin/manage-news.php" endpoint. This is made possible by a CSRF flaw. Recommendations: For Chadha...

PT-2020-12138 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to inject arbitrary web script or HTML via the GET parameter p in the admin/edit-news.php file. This enables attackers to perform a reflected XSS attack...

PT-2020-12143 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to inject arbitrary web script or HTML via the sort parameter in the "admin/manage-categories.php" page, enabling reflected XSS attacks. Recommendations: F...

PT-2020-12165 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to edit an article template, given the id, via a crafted request to the "admin/edit-template.php" endpoint. This is made possible by a CSRF weakness...

PT-2020-12162 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to delete an article template via a crafted request to the admin/manage-templates.php endpoint. This is made possible by a CSRF weakness. Recommendations:...

PT-2020-12159 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to delete a ticket via a crafted request to the "admin/manage-tickets.php" endpoint. This is made possible by a CSRF weakness. Recommendations: For Chadha...