|
210281
|
4.8 |
MEDIUM
Network
|
chadhaajay
|
phpkb
|
Reflected XSS in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p.
|
CWE-79
Cross-site Scripting
|
CVE-2020-10466
|
2024-11-21 13:55 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210282
|
4.8 |
MEDIUM
Network
|
chadhaajay
|
phpkb
|
Reflected XSS in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p.
|
CWE-79
Cross-site Scripting
|
CVE-2020-10465
|
2024-11-21 13:55 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210283
|
4.8 |
MEDIUM
Network
|
chadhaajay
|
phpkb
|
Reflected XSS in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p.
|
CWE-79
Cross-site Scripting
|
CVE-2020-10464
|
2024-11-21 13:55 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210284
|
4.8 |
MEDIUM
Network
|
chadhaajay
|
phpkb
|
Reflected XSS in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p.
|
CWE-79
Cross-site Scripting
|
CVE-2020-10463
|
2024-11-21 13:55 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210285
|
4.8 |
MEDIUM
Network
|
chadhaajay
|
phpkb
|
Reflected XSS in admin/edit-field.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p.
|
CWE-79
Cross-site Scripting
|
CVE-2020-10462
|
2024-11-21 13:55 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210286
|
6.1 |
MEDIUM
Network
|
chadhaajay
|
phpkb
|
The way comments in article.php (vulnerable function in include/functions-article.php) are handled in Chadha PHPKB Standard Multi-Language 9 allows attackers to execute Stored (Blind) XSS (injecting …
|
CWE-79
Cross-site Scripting
|
CVE-2020-10461
|
2024-11-21 13:55 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210287
|
4.9 |
MEDIUM
Network
|
chadhaajay
|
phpkb
|
admin/include/operations.php (via admin/email-harvester.php) in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject untrusted input inside CSV files via the POST parameter data.
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2020-10460
|
2024-11-21 13:55 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210288
|
2.7 |
LOW
Network
|
chadhaajay
|
phpkb
|
Path Traversal in admin/assetmanager/assetmanager.php (vulnerable function saved in admin/assetmanager/functions.php) in Chadha PHPKB Standard Multi-Language 9 allows attackers to list the files that…
|
CWE-22
Path Traversal
|
CVE-2020-10459
|
2024-11-21 13:55 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210289
|
6.5 |
MEDIUM
Network
|
chadhaajay
|
phpkb
|
Path Traversal in admin/imagepaster/operations.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete any folder on the webserver using a dot-dot-slash sequence (../) via the GET pa…
|
CWE-22
Path Traversal
|
CVE-2020-10458
|
2024-11-21 13:55 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210290
|
2.7 |
LOW
Network
|
chadhaajay
|
phpkb
|
Path Traversal in admin/imagepaster/image-renaming.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to rename any file on the webserver using a dot-dot-slash sequence (../) via the POST…
|
CWE-22
Path Traversal
|
CVE-2020-10457
|
2024-11-21 13:55 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
