Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpkb vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1909
SQL injection vulnerability in comment.php in PHP Knowledge Base (PHPKB) 1.5 and 2.0 allows remote malicious users to execute arbitrary SQL commands via the ID parameter.
Chadha Software Technologies Phpkb Knowledge Base 2.0
Chadha Software Technologies Phpkb Knowledge Base 1.5
2 EDB exploits
4.8
CVSSv3
CVE-2020-10475
Reflected XSS in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows malicious users to inject arbitrary web script or HTML via the GET parameter sort.
Chadhaajay Phpkb 9.0
2.7
CVSSv3
CVE-2020-10457
Path Traversal in admin/imagepaster/image-renaming.php in Chadha PHPKB Standard Multi-Language 9 allows malicious users to rename any file on the webserver using a dot-dot-slash sequence (../) via the POST parameter imgName (for the new name) and imgUrl (for the current file to b...
Chadhaajay Phpkb 9.0
4.8
CVSSv3
CVE-2020-10477
Reflected XSS in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows malicious users to inject arbitrary web script or HTML via the GET parameter sort.
Chadhaajay Phpkb 9.0
4.8
CVSSv3
CVE-2020-10467
Reflected XSS in admin/edit-comment.php in Chadha PHPKB Standard Multi-Language 9 allows malicious users to inject arbitrary web script or HTML via the GET parameter p.
Chadhaajay Phpkb 9.0
4.8
CVSSv3
CVE-2020-10468
Reflected XSS in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows malicious users to inject arbitrary web script or HTML via the GET parameter p.
Chadhaajay Phpkb 9.0
8.8
CVSSv3
CVE-2020-10478
CSRF in admin/manage-settings.php in Chadha PHPKB Standard Multi-Language 9 allows malicious users to change the global settings, potentially gaining code execution or causing a denial of service, via a crafted request.
Chadhaajay Phpkb 9.0
4.3
CVSSv3
CVE-2020-10479
CSRF in admin/add-news.php in Chadha PHPKB Standard Multi-Language 9 allows malicious users to add a new news article via a crafted request.
Chadhaajay Phpkb 9.0
7.2
CVSSv3
CVE-2020-10386
admin/imagepaster/image-upload.php in Chadha PHPKB Standard Multi-Language 9 allows remote malicious users to achieve Code Execution by uploading a .php file in the admin/js/ directory.
Chadhaajay Phpkb 9.0
1 EDB exploit
4.9
CVSSv3
CVE-2020-10387
Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-Language 9 allows remote malicious users to download files from the server using a dot-dot-slash sequence (../) via the GET parameter file.
Chadhaajay Phpkb 9.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »