Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chadhaajay phpkb 9.0 vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-10388
The way the Referer header in article.php is handled in Chadha PHPKB Standard Multi-Language 9 allows malicious users to execute Stored (Blind) XSS (injecting arbitrary web script or HTML) in admin/report-referrers.php (vulnerable file admin/include/functions-articles.php).
Chadhaajay Phpkb 9.0
4.9
CVSSv3
CVE-2020-10387
Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-Language 9 allows remote malicious users to download files from the server using a dot-dot-slash sequence (../) via the GET parameter file.
Chadhaajay Phpkb 9.0
1 EDB exploit
4.9
CVSSv3
CVE-2020-10460
admin/include/operations.php (via admin/email-harvester.php) in Chadha PHPKB Standard Multi-Language 9 allows malicious users to inject untrusted input inside CSV files via the POST parameter data.
Chadhaajay Phpkb 9.0
4.8
CVSSv3
CVE-2020-10394
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-glossary.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
4.8
CVSSv3
CVE-2020-10397
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-news.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
4.8
CVSSv3
CVE-2020-10399
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-user.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
4.8
CVSSv3
CVE-2020-10408
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-subscriber.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
4.8
CVSSv3
CVE-2020-10409
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-template.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
4.8
CVSSv3
CVE-2020-10420
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-comments.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
4.8
CVSSv3
CVE-2020-10431
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-templates.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »