U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): php
There are 8,281 matching records.
Displaying matches 1,521 through 1,540.
Vuln ID Summary CVSS Severity
CVE-2020-10492

CSRF in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article template via a crafted request.

Published: March 12, 2020; 10:15:20 AM -0400
V3.1: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-10491

CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a department via a crafted request.

Published: March 12, 2020; 10:15:20 AM -0400
V3.1: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-10490

CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a department via a crafted request.

Published: March 12, 2020; 10:15:20 AM -0400
V3.1: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-10489

CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a ticket via a crafted request.

Published: March 12, 2020; 10:15:20 AM -0400
V3.1: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-10488

CSRF in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a news article via a crafted request.

Published: March 12, 2020; 10:15:20 AM -0400
V3.1: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-10487

CSRF in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a glossary term via a crafted request.

Published: March 12, 2020; 10:15:20 AM -0400
V3.1: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-10486

CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a comment via a crafted request.

Published: March 12, 2020; 10:15:20 AM -0400
V3.1: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-10485

CSRF in admin/manage-articles.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article via a crafted request.

Published: March 12, 2020; 10:15:20 AM -0400
V3.1: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-10484

CSRF in admin/add-field.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to create a custom field via a crafted request.

Published: March 12, 2020; 10:15:19 AM -0400
V3.1: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-10483

CSRF in admin/ajax-hub.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to post a comment on any article via a crafted request.

Published: March 12, 2020; 10:15:19 AM -0400
V3.1: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-10482

CSRF in admin/add-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new article template via a crafted request.

Published: March 12, 2020; 10:15:19 AM -0400
V3.1: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-10481

CSRF in admin/add-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new glossary term via a crafted request.

Published: March 12, 2020; 10:15:19 AM -0400
V3.1: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-10480

CSRF in admin/add-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new category via a crafted request.

Published: March 12, 2020; 10:15:19 AM -0400
V3.1: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-10479

CSRF in admin/add-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new news article via a crafted request.

Published: March 12, 2020; 10:15:19 AM -0400
V3.1: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-10478

CSRF in admin/manage-settings.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to change the global settings, potentially gaining code execution or causing a denial of service, via a crafted request.

Published: March 12, 2020; 10:15:19 AM -0400
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2020-10477

Reflected XSS in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort.

Published: March 12, 2020; 10:15:19 AM -0400
V3.1: 4.8 MEDIUM
V2.0: 3.5 LOW
CVE-2020-10476

Reflected XSS in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort.

Published: March 12, 2020; 10:15:19 AM -0400
V3.1: 4.8 MEDIUM
V2.0: 3.5 LOW
CVE-2020-10475

Reflected XSS in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort.

Published: March 12, 2020; 10:15:19 AM -0400
V3.1: 4.8 MEDIUM
V2.0: 3.5 LOW
CVE-2020-10474

Reflected XSS in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort.

Published: March 12, 2020; 10:15:19 AM -0400
V3.1: 4.8 MEDIUM
V2.0: 3.5 LOW
CVE-2020-10473

Reflected XSS in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort.

Published: March 12, 2020; 10:15:19 AM -0400
V3.1: 4.8 MEDIUM
V2.0: 3.5 LOW