) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Keyword (text search): php
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2020-10478 |
CSRF in admin/manage-settings.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to change the global settings, potentially gaining code execution or causing a denial of service, via a crafted request. Published: March 12, 2020; 10:15:19 AM -0400 |
V3.1: 8.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2020-10477 |
Reflected XSS in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort. Published: March 12, 2020; 10:15:19 AM -0400 |
V3.1: 4.8 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-10476 |
Reflected XSS in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort. Published: March 12, 2020; 10:15:19 AM -0400 |
V3.1: 4.8 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-10475 |
Reflected XSS in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort. Published: March 12, 2020; 10:15:19 AM -0400 |
V3.1: 4.8 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-10474 |
Reflected XSS in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort. Published: March 12, 2020; 10:15:19 AM -0400 |
V3.1: 4.8 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-10473 |
Reflected XSS in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort. Published: March 12, 2020; 10:15:19 AM -0400 |
V3.1: 4.8 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-10472 |
Reflected XSS in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort. Published: March 12, 2020; 10:15:19 AM -0400 |
V3.1: 4.8 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-10471 |
Reflected XSS in admin/manage-articles.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort. Published: March 12, 2020; 10:15:19 AM -0400 |
V3.1: 4.8 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-10470 |
Reflected XSS in admin/manage-fields.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort. Published: March 12, 2020; 10:15:18 AM -0400 |
V3.1: 4.8 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-10469 |
Reflected XSS in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort. Published: March 12, 2020; 10:15:18 AM -0400 |
V3.1: 4.8 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-10468 |
Reflected XSS in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p. Published: March 12, 2020; 10:15:18 AM -0400 |
V3.1: 4.8 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-10467 |
Reflected XSS in admin/edit-comment.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p. Published: March 12, 2020; 10:15:18 AM -0400 |
V3.1: 4.8 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-10466 |
Reflected XSS in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p. Published: March 12, 2020; 10:15:18 AM -0400 |
V3.1: 4.8 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-10465 |
Reflected XSS in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p. Published: March 12, 2020; 10:15:18 AM -0400 |
V3.1: 4.8 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-10464 |
Reflected XSS in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p. Published: March 12, 2020; 10:15:18 AM -0400 |
V3.1: 4.8 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-10463 |
Reflected XSS in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p. Published: March 12, 2020; 10:15:18 AM -0400 |
V3.1: 4.8 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-10462 |
Reflected XSS in admin/edit-field.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p. Published: March 12, 2020; 10:15:18 AM -0400 |
V3.1: 4.8 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-10461 |
The way comments in article.php (vulnerable function in include/functions-article.php) are handled in Chadha PHPKB Standard Multi-Language 9 allows attackers to execute Stored (Blind) XSS (injecting arbitrary web script or HTML) in admin/manage-comments.php, via the GET parameter cmt. Published: March 12, 2020; 10:15:18 AM -0400 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2020-10460 |
admin/include/operations.php (via admin/email-harvester.php) in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject untrusted input inside CSV files via the POST parameter data. Published: March 12, 2020; 10:15:18 AM -0400 |
V3.1: 4.9 MEDIUM V2.0: 4.0 MEDIUM |
| CVE-2020-10459 |
Path Traversal in admin/assetmanager/assetmanager.php (vulnerable function saved in admin/assetmanager/functions.php) in Chadha PHPKB Standard Multi-Language 9 allows attackers to list the files that are stored on the webserver using a dot-dot-slash sequence (../) via the POST parameter inpCurrFolder. Published: March 12, 2020; 10:15:18 AM -0400 |
V3.1: 2.7 LOW V2.0: 4.0 MEDIUM |