Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpkb vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-1909
SQL injection vulnerability in comment.php in PHP Knowledge Base (PHPKB) 1.5 and 2.0 allows remote malicious users to execute arbitrary SQL commands via the ID parameter.
Chadha Software Technologies Phpkb Knowledge Base 2.0
Chadha Software Technologies Phpkb Knowledge Base 1.5
2 EDB exploits
4
CVSSv2
CVE-2020-10387
Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-Language 9 allows remote malicious users to download files from the server using a dot-dot-slash sequence (../) via the GET parameter file.
Chadhaajay Phpkb 9.0
1 EDB exploit
3.5
CVSSv2
CVE-2020-10470
Reflected XSS in admin/manage-fields.php in Chadha PHPKB Standard Multi-Language 9 allows malicious users to inject arbitrary web script or HTML via the GET parameter sort.
Chadhaajay Phpkb 9.0
6.5
CVSSv2
CVE-2020-10390
OS Command Injection in export.php (vulnerable function called from include/functions-article.php) in Chadha PHPKB Standard Multi-Language 9 allows remote malicious users to achieve Code Execution by saving the code to be executed as the wkhtmltopdf path via admin/save-settings.p...
Chadhaajay Phpkb 9.0
3.5
CVSSv2
CVE-2020-10392
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-category.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
3.5
CVSSv2
CVE-2020-10394
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-glossary.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
3.5
CVSSv2
CVE-2020-10395
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-group.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
3.5
CVSSv2
CVE-2020-10399
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-user.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
3.5
CVSSv2
CVE-2020-10400
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/article-collaboration.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
3.5
CVSSv2
CVE-2020-10402
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-category.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »