Lucene search
K
ChadhaajayPhpkb

119 matches found

CVE
CVE
added 2020/09/03 5:15 p.m.129 views

CVE-2020-11579

Summary: CVE-2020-11579 affects Chadha PHPKB 9.0 Enterprise Edition. The vulnerability is in installer/test-connection.php (installation flow) allowing an unauthenticated remote attacker to disclose local files on hosts running PHP < 7.2.16 or where MySQL ALLOW LOCAL DATA INFILE is enabled. Do...

7.5CVSS7.4AI score0.26459EPSS
CVE
CVE
added 2020/03/12 1:3 p.m.88 views

CVE-2020-10389

CVE-2020-10389 affects Chadha PHPKB Standard Multi-Language 9. The vulnerability exists in admin/save-settings.php and allows an attacker to achieve remote code execution by injecting PHP code into any POST parameter during saving of global settings. Public references in connected documents show ...

7.2CVSS7.2AI score0.04884EPSS
Web
CVE
CVE
added 2020/03/12 1:3 p.m.84 views

CVE-2020-10387

CVE-2020-10387 describes a path traversal vulnerability in Chadha PHPKB Standard Multi-Language 9, exposed via the admin/download.php endpoint. The flaw allows traversal of the server file system through the GET parameter “file” (using dot-dot-slash sequences), enabling arbitrary file download. P...

4.9CVSS5AI score0.07844EPSS
Web
CVE
CVE
added 2020/03/12 1:0 p.m.81 views

CVE-2020-10386

CVE-2020-10386 affects Chadha PHPKB Standard Multi-Language 9. A remote code execution is possible by uploading a PHP file via admin/imagepaster/image-upload.php to the admin/js/ directory. The root cause is unrestricted PHP file upload in that path, allowing an attacker to execute arbitrary code...

7.2CVSS7AI score0.12339EPSS
Web
CVE
CVE
added 2020/03/12 1:3 p.m.77 views

CVE-2020-10391

CVE-2020-10391 describes a reflected XSS in Chadha PHPKB Standard Multi-Language 9. The issue arises from how URIs are handled in admin/header.php, enabling an attacker to inject script/HTML into admin/add-article.php by appending a payload after a question mark. The connected Red Hat CVE entries...

4.8CVSS4.9AI score0.00733EPSS
CVE
CVE
added 2020/03/12 1:4 p.m.67 views

CVE-2020-10449

CVE-2020-10449 is a reflected XSS in Chadha PHPKB Standard Multi-Language 9. The Red Hat advisories confirm the URI handling flaw in admin/header.php can trigger XSS by crafting a URI with a leading ? payload on specific admin pages (e.g., admin/report-search.php). The exact vulnerable endpoints ...

4.8CVSS4.9AI score0.00733EPSS
CVE
CVE
added 2020/03/12 1:3 p.m.62 views

CVE-2020-10395

The CVE-2020-10395 issue affects Chadha PHPKB Standard Multi-Language 9 and is described as a Reflected Cross-Site Scripting (XSS) vulnerability. The Red Hat entries specify that URIs handled in admin/header.php can trigger XSS in various admin pages (e.g., admin/add-group.php, admin/add-article....

4.8CVSS4.9AI score0.00611EPSS
Web
CVE
CVE
added 2020/03/12 1:4 p.m.62 views

CVE-2020-10412

The connected Red Hat advisories corroborate CVE-2020-10412 affecting Chadha PHPKB Standard Multi-Language 9. The issue is a reflected XSS flaw in the URI handling in admin/header.php, enabling injection via the query string and affecting admin/import-csv.php (and related pages in the same produc...

4.8CVSS4.9AI score0.00611EPSS
Web
CVE
CVE
added 2020/03/12 1:4 p.m.62 views

CVE-2020-10416

Technical details for CVE-2020-10416 are not provided in the connected documents. Public specifics such as affected versions, components, or fixes are not available here; monitor for updates.

4.8CVSS4.9AI score0.00611EPSS
Web
CVE
CVE
added 2020/03/12 1:4 p.m.61 views

CVE-2020-10427

CVE-2020-10427 affects Chadha PHPKB Standard Multi-Language 9. The vulnerability arises from how URIs are parsed in admin/header.php, allowing Reflected XSS in admin/manage-languages.php by appending a question mark and payload to the URL. Red Hat CVE entries for this family (CVE-2020-10391, CVE-...

4.8CVSS4.9AI score0.00611EPSS
CVE
CVE
added 2020/03/12 1:5 p.m.61 views

CVE-2020-10456

CVE-2020-10456 affects Chadha PHPKB Standard Multi-Language 9. The issue arises from how URIs are processed in admin/header.php, enabling a Reflected XSS via admin/trash-box.php (and related admin pages) by appending a ? payload to the URI. Red Hat CVEs RH:CVE-2020-10456 similarly describe the sa...

4.8CVSS4.9AI score0.00733EPSS
CVE
CVE
added 2020/03/12 1:4 p.m.59 views

CVE-2020-10411

The CVE-2020-10411 issue affects Chadha PHPKB Standard Multi-Language 9. The root cause is improper handling of URIs in admin/header.php, enabling Reflected XSS by inserting a payload after a question mark in admin/indexed admin pages (e.g., admin/email-harvester.php per the Initial Description)....

4.8CVSS4.9AI score0.00611EPSS
Web
CVE
CVE
added 2020/03/12 1:4 p.m.58 views

CVE-2020-10402

CVE-2020-10402 corresponds to a Reflected XSS in Chadha PHPKB Standard Multi‑Language 9. Red Hat entries corroborate the issue affecting URIs handled in admin/header.php, enabling payloads when accessing admin/edit-category.php (and related admin pages for CVEs 10391/10456). The root cause is imp...

4.8CVSS4.9AI score0.00611EPSS
CVE
CVE
added 2020/03/12 1:4 p.m.58 views

CVE-2020-10413

CVE-2020-10413 affects Chadha PHPKB Standard Multi-Language 9. The Red Hat advisories document the same root cause: URI handling in admin/header.php enables Reflected XSS by appending a question mark and payload, with affected admin pages including import-html.php (per CVE description) and relate...

4.8CVSS4.9AI score0.00611EPSS
Web
CVE
CVE
added 2020/03/12 1:4 p.m.58 views

CVE-2020-10422

Summary: CVE-2020-10422 affects Chadha PHPKB Standard Multi-Language 9. The issue lies in URI handling in admin/header.php, enabling a Reflected XSS vulnerability in admin/manage-drafts.php when a URL is crafted with a leading caret (?) followed by the payload. This can inject arbitrary script/HT...

4.8CVSS4.9AI score0.00611EPSS
Web
CVE
CVE
added 2020/03/12 1:4 p.m.58 views

CVE-2020-10426

CVE-2020-10426 concerns Chadha PHPKB Standard Multi-Language 9. The issue arises from how URIs are processed in admin/header.php, enabling Reflected XSS by appending a payload after a question mark to admin pages (as shown for manage-groups.php; related Red Hat entries also reference add-article....

4.8CVSS4.9AI score0.00611EPSS
Web
CVE
CVE
added 2020/03/12 1:4 p.m.58 views

CVE-2020-10428

CVE-2020-10428 affects Chadha PHPKB Standard Multi-Language 9. The issue is a Reflected XSS in URI handling via admin/header.php, enabling injection of arbitrary script/HTML on several admin pages when a payload is added after a question mark in the URI (e.g., admin/manage-news.php and related pa...

4.8CVSS4.9AI score0.00611EPSS
Web
CVE
CVE
added 2020/03/12 1:3 p.m.57 views

CVE-2020-10390

CVE-2020-10390 affects Chadha PHPKB Standard Multi-Language 9. The OS command injection exists in export.php (called from include/functions-article.php) allowing remote code execution by saving malicious code into the wkhtmltopdf path via admin/save-settings.php. This is documented across multipl...

7.2CVSS7.4AI score0.04326EPSS
Web
CVE
CVE
added 2020/03/12 1:4 p.m.57 views

CVE-2020-10420

CVE-2020-10420 affects Chadha PHPKB Standard Multi-Language 9. The issue is a Reflected XSS in the admin area: URIs parsed in admin/header.php allow injection when a question mark is appended before the payload, impacting admin/manage-comments.php. The Red Hat connected CVEs (CVE-2020-10391, CVE-...

4.8CVSS4.9AI score0.00611EPSS
CVE
CVE
added 2020/03/12 1:4 p.m.57 views

CVE-2020-10424

CVE-2020-10424 affects Chadha PHPKB Standard Multi-Language 9, where URIs mishandling in admin/header.php enables reflected XSS in admin/manage-fields.php by appending a ? payload. Impact is reflected script/HTML injection; exploitation details not provided beyond this description. The cited metr...

4.8CVSS4.9AI score0.00611EPSS
Web
CVE
CVE
added 2020/03/12 1:3 p.m.56 views

CVE-2020-10392

CVE-2020-10392 affects Chadha PHPKB Standard Multi-Language 9. The vulnerability arises from how URIs are handled in admin/header.php, enabling Reflected XSS in pages such as admin/add-category.php when a payload is injected after a question mark in the URI. The Red Hat context confirms the same ...

4.8CVSS4.9AI score0.00611EPSS
Web
CVE
CVE
added 2020/03/12 1:4 p.m.56 views

CVE-2020-10429

CVE-2020-10429 affects Chadha PHPKB Standard Multi-Language 9. The vulnerability arises from how URIs are handled in admin/header.php, enabling Reflected XSS in admin/manage-settings.php when a payload is appended after a question mark. The description notes injection of arbitrary scripts/HTML vi...

4.8CVSS4.9AI score0.00611EPSS
CVE
CVE
added 2020/03/12 1:5 p.m.56 views

CVE-2020-10473

CVE-2020-10473 : A reflected cross-site scripting vulnerability in Chadha PHPKB Standard Multi-Language 9 affects the admin/manage-categories.php page. The issue arises from the GET parameter sort , allowing an attacker to inject arbitrary script/HTML. Affected component: PHPKB Core (admin UI). I...

4.8CVSS4.8AI score0.00611EPSS
Web
CVE
CVE
added 2020/03/12 1:5 p.m.56 views

CVE-2020-10487

CVE-2020-10487 affects Chadha PHPKB Standard Multi-Language 9. A CSRF flaw in admin/manage-glossary.php enables deletion of glossary terms via crafted requests. Root cause: insufficient CSRF protections on the glossary management endpoint. Impact: creation of unintended term deletions without val...

4.3CVSS4.5AI score0.00535EPSS
CVE
CVE
added 2020/03/12 1:3 p.m.55 views

CVE-2020-10393

CVE-2020-10393 affects Chadha PHPKB Standard Multi-Language 9. The vulnerability is a Reflected XSS caused by how URIs are processed in admin/header.php, exploitable via adding a ? payload to admin/add-field.php. No remediation details are provided in the connected documents.

4.8CVSS4.9AI score0.00611EPSS
CVE
CVE
added 2020/03/12 1:4 p.m.55 views

CVE-2020-10405

CVE-2020-10405 affects Chadha PHPKB Standard Multi-Language 9; the issue is a Reflected XSS in admin/header.php that is exploitable via URIs when an attacker appends a question mark and payload to access admin/edit-glossary.php. The Red Hat advisories confirm the same vulnerability path affecting...

4.8CVSS4.9AI score0.00611EPSS
CVE
CVE
added 2020/03/12 1:4 p.m.55 views

CVE-2020-10432

The CVE-2020-10432 entry applies to Chadha PHPKB Standard Multi-Language 9, where URI handling in admin/header.php enables a Reflected XSS in admin/manage-tickets.php when a leading question mark is followed by a payload. The Red Hat CVE records corroborate a similar issue affecting admin/header....

4.8CVSS4.9AI score0.00611EPSS
CVE
CVE
added 2020/03/12 1:4 p.m.55 views

CVE-2020-10442

CVE-2020-10442 concerns Chadha PHPKB Standard Multi-Language 9. The issue arises from how URIs are processed in admin/header.php, enabling Reflected XSS in multiple admin pages (e.g., admin/report-article-popular.php; per Red Hat advisories, related entries show affected paths such as admin/add-a...

4.8CVSS4.9AI score0.00611EPSS
CVE
CVE
added 2020/03/12 1:4 p.m.54 views

CVE-2020-10406

Chadha PHPKB Standard Multi-Language 9 contains a reflected XSS in the admin area: the way URIs are handled in admin/header.php enables injection when a payload is added after a ? in admin/edit-group.php. Connected Red Hat CVEs (CVE-2020-10391, CVE-2020-10456) describe similar URI-based XSS in ot...

4.8CVSS4.9AI score0.00611EPSS
CVE
CVE
added 2020/03/12 1:4 p.m.54 views

CVE-2020-10430

The CVE-2020-10430 entry concerns Chadha PHPKB Standard Multi-Language 9. The Red Hat Red Hat CVEs map this vulnerability to UI URI handling in admin/header.php that enables Reflected XSS in subsequent admin pages (notably admin/manage-subscribers.php; other RH entries reference admin/add-article...

4.8CVSS4.9AI score0.00611EPSS
CVE
CVE
added 2020/03/12 1:4 p.m.54 views

CVE-2020-10431

CVE-2020-10431 affects Chadha PHPKB Standard Multi-Language 9. URI handling in admin/header.php enables Reflected XSS by appending a ? payload to admin/manage-templates.php (and similar admin pages). Red Hat advisories confirm the same root cause across multiple admin endpoints (e.g., add-article...

4.8CVSS4.9AI score0.00611EPSS
Web
CVE
CVE
added 2020/03/12 1:4 p.m.54 views

CVE-2020-10433

The CVE pertains to Chadha PHPKB Standard Multi-Language 9. The issue arises from how URIs are handled in admin/header.php, enabling reflected XSS by appending a question mark and payload to the URL. Red Hat records link similar vectors affecting admin pages (e.g., add-article.php, trash-box.php)...

4.8CVSS4.9AI score0.00611EPSS
CVE
CVE
added 2020/03/12 1:4 p.m.54 views

CVE-2020-10438

CVE-2020-10438 affects Chadha PHPKB Standard Multi-Language 9: the URI handling in admin/header.php enables Reflected XSS in admin/reply-ticket.php when a payload is injected after a '?'. The Red Hat CVEs confirm similar patterns for related endpoints (e.g., admin/add-article.php), but the provid...

4.8CVSS4.9AI score0.00611EPSS
Web
CVE
CVE
added 2020/03/12 1:4 p.m.54 views

CVE-2020-10443

The connected Red Hat advisories describe a Reflected XSS in Chadha PHPKB Standard Multi-Language 9 stemming from how URIs are parsed in admin/header.php, with exploitation via a payload after a ? and affecting pages like admin/add-article.php/trash-box.php. They do not provide exact CVE-2020-104...

4.8CVSS4.9AI score0.00611EPSS
CVE
CVE
added 2020/03/12 1:5 p.m.54 views

CVE-2020-10457

Path Traversal in Chadha PHPKB Standard Multi-Language 9 (admin/imagepaster/image-renaming.php) allows attackers to rename any file on the webserver via POST imgName and imgUrl using ../../../’ style sequences. Affected component: image-renaming functionality; root cause: improper validation of p...

4CVSS4AI score0.01084EPSS
Web
CVE
CVE
added 2020/03/12 1:3 p.m.53 views

CVE-2020-10396

CVE-2020-10396 affects Chadha PHPKB Standard Multi-Language 9. Reflected XSS is possible via URIs processed by admin/header.php, demonstrated in admin/add-language.php when a leading ? is followed by a payload. Impact is reflected script/HTML execution; CVSS vectors indicate at least low to mediu...

4.8CVSS4.9AI score0.00611EPSS
CVE
CVE
added 2020/03/12 1:4 p.m.53 views

CVE-2020-10404

CVE-2020-10404 describes a Reflected XSS in Chadha PHPKB Standard Multi-Language 9 caused by how URIs are handled in admin/header.php. The vulnerability allows injecting arbitrary web script/HTML via a payload appended after a ? in URIs and is relevant to the admin path, including admin/edit-fiel...

4.8CVSS4.9AI score0.00611EPSS
CVE
CVE
added 2020/03/12 1:4 p.m.53 views

CVE-2020-10414

Concretely, CVE-2020-10414 is a Reflected XSS in Chadha PHPKB Standard Multi-Language 9 caused by improper URI handling in admin/header.php. The Red Hat advisories tie the issue to multiple admin pages (e.g., admin/index-attachments.php, admin/add-article.php, admin/trash-box.php) where injecting...

4.8CVSS4.9AI score0.00611EPSS
Web
CVE
CVE
added 2020/03/12 1:3 p.m.52 views

CVE-2020-10397

CVE-2020-10397 affects Chadha PHPKB Standard Multi-Language 9. The issue is a Reflected XSS in URI handling within admin/header.php, exploitable via admin/add-news.php by appending a question mark ? followed by payload. The Red Hat connected records corroborate a pattern of Reflected XSS in admin...

4.8CVSS4.9AI score0.00611EPSS
CVE
CVE
added 2020/03/12 1:4 p.m.52 views

CVE-2020-10417

Vulnerability overview (CVE-2020-10417) : Red Hat and NVD documents describe a Reflected XSS in Chadha PHPKB Standard Multi-Language 9. The issue occurs in URI handling within admin/header.php and is triggered when an attacker crafts a URL (e.g., a query string after a ?) that is reflected into p...

4.8CVSS4.9AI score0.00611EPSS
CVE
CVE
added 2020/03/12 1:4 p.m.52 views

CVE-2020-10421

CVE-2020-10421 concerns Chadha PHPKB Standard Multi-Language 9, where URIs are mishandled in admin/header.php, enabling a Reflected XSS in admin/manage-departments.php by appending a payload after a question mark. The description indicates the vulnerability arises from how the URI is processed, a...

4.8CVSS4.9AI score0.00611EPSS
Web
CVE
CVE
added 2020/03/12 1:4 p.m.52 views

CVE-2020-10423

CVE-2020-10423 is a reflected XSS in Chadha PHPKB Standard Multi-Language 9 caused by improper URI handling in admin/header.php, exploitable via URIs on admin pages such as admin/manage-feedbacks.php (and related pages listed in Red Hat advisories). The Red Hat records attribute the issue to URIs...

4.8CVSS4.9AI score0.00611EPSS
CVE
CVE
added 2020/03/12 1:5 p.m.52 views

CVE-2020-10481

CVE-2020-10481 affects Chadha PHPKB Standard Multi-Language 9. The vulnerability is a CSRF weakness in the endpoint admin/add-glossary.php that allows an attacker to add a new glossary term via a crafted request. Documented CVSS v3.1 base score is 4.3 (Medium) with network attack vector, low atta...

4.3CVSS4.5AI score0.00475EPSS
CVE
CVE
added 2020/03/12 1:3 p.m.51 views

CVE-2020-10400

CVE-2020-10400 involves a Reflected XSS in Chadha PHPKB Standard Multi-Language 9 caused by how URIs are processed in admin/header.php. The Red Hat advisories confirm the flaw can be triggered via the URI by adding a question mark and payload, with documented impact on multiple admin pages (e.g.,...

4.8CVSS4.9AI score0.00611EPSS
Web
CVE
CVE
added 2020/03/12 1:4 p.m.51 views

CVE-2020-10409

Summary: CVE-2020-10409 affects Chadha PHPKB Standard Multi-Language 9; URIs parsed in admin/header.php allow a Reflected XSS in admin/edit-template.php when a payload is injected after a question mark. Affected: Chadha PHPKB Standard Multi-Language 9 (admin area). Root cause (as stated): URI han...

4.8CVSS4.9AI score0.00611EPSS
CVE
CVE
added 2020/03/12 1:4 p.m.51 views

CVE-2020-10415

CVE-2020-10415 concerns Chadha PHPKB Standard Multi-Language 9. The issue is a Reflected XSS in URIs processed by admin/header.php, enabling an attacker to inject arbitrary script/HTML via a crafted query string (e.g., a payload following a ?). Related Red Hat entries (CVE-2020-10391 and CVE-2020...

4.8CVSS4.9AI score0.00611EPSS
CVE
CVE
added 2020/03/12 1:4 p.m.51 views

CVE-2020-10418

CVE-2020-10418 corresponds to a reflected XSS in Chadha PHPKB Standard Multi-Language 9. Red Hat entries for CVE-2020-10418 and related CVEs describe the flaw as URIs handled in admin/header.php enabling reflected XSS in admin/manage-attachments.php by appending a payload after a question mark. T...

4.8CVSS4.9AI score0.00611EPSS
Web
CVE
CVE
added 2020/03/12 1:4 p.m.51 views

CVE-2020-10425

The provided connected documents identify a Reflected XSS in Chadha PHPKB Standard Multi-Language 9, caused by how URIs are handled in admin/header.php. The vulnerability is triggered by crafting a URI with a leading question mark and a payload, affecting admin pages such as admin/manage-glossary...

4.8CVSS4.9AI score0.00611EPSS
Web
CVE
CVE
added 2020/03/12 1:4 p.m.51 views

CVE-2020-10434

CVE-2020-10434 concerns Chadha PHPKB Standard Multi-Language 9. The issue arises from how URIs are processed in admin/header.php, enabling a Reflected XSS by appending a question mark followed by payload to admin/manage-versions.php. Connected Red Hat CVEs (CVE-2020-10391 and CVE-2020-10456) desc...

4.8CVSS4.9AI score0.00611EPSS
CVE
CVE
added 2020/03/12 1:4 p.m.51 views

CVE-2020-10439

The vulnerability CVE-2020-10439, described across Red Hat advisories, is a Reflected XSS flaw in Chadha PHPKB Standard Multi-Language 9. It arises from how URIs are handled in admin/header.php, enabling an attacker to inject arbitrary script/HTML when accessing specific admin pages. Concrete imp...

4.8CVSS4.9AI score0.00611EPSS
Web
Total number of security vulnerabilities119