Total
119 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-10424 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-fields.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10423 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-feedbacks.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10422 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-drafts.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10421 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-departments.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10420 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-comments.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10419 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-categories.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10418 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-attachments.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10417 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-articles.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10416 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/kb-backup.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10415 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/index.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10414 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/index-attachments.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10413 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/import-html.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10412 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/import-csv.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10411 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/email-harvester.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10410 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-user.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10409 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-template.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10408 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-subscriber.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10407 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-news.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10406 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-group.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10405 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-glossary.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10404 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-field.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10403 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-comment.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10402 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-category.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10401 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-article.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10400 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/article-collaboration.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10399 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-user.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10398 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-template.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10397 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-news.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10396 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-language.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10395 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-group.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10394 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-glossary.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10393 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-field.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10392 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-category.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10391 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-article.php by adding a question mark (?) followed by the payload.
|
|||||
| CVE-2020-10390 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
OS Command Injection in export.php (vulnerable function called from include/functions-article.php) in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by saving the code to be executed as the wkhtmltopdf path via admin/save-settings.php.
|
|||||
| CVE-2020-10389 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
admin/save-settings.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by injecting PHP code into any POST parameter when saving global settings.
|
|||||
| CVE-2020-10388 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
The way the Referer header in article.php is handled in Chadha PHPKB Standard Multi-Language 9 allows attackers to execute Stored (Blind) XSS (injecting arbitrary web script or HTML) in admin/report-referrers.php (vulnerable file admin/include/functions-articles.php).
|
|||||
| CVE-2020-10387 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
|
Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to download files from the server using a dot-dot-slash sequence (../) via the GET parameter file.
|
|||||
| CVE-2020-10386 | 1 Chadhaajay | 1 Phpkb | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
admin/imagepaster/image-upload.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by uploading a .php file in the admin/js/ directory.
|
|||||