Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chadhaajay phpkb 9.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-10502
CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows malicious users to approve any comment, given the id, via a crafted request.
Chadhaajay Phpkb 9.0
4.3
CVSSv2
CVE-2020-10503
CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows malicious users to disapprove any comment, given the id, via a crafted request.
Chadhaajay Phpkb 9.0
4.3
CVSSv2
CVE-2020-10504
CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows malicious users to edit a comment, given the id, via a crafted request.
Chadhaajay Phpkb 9.0
4
CVSSv2
CVE-2020-10457
Path Traversal in admin/imagepaster/image-renaming.php in Chadha PHPKB Standard Multi-Language 9 allows malicious users to rename any file on the webserver using a dot-dot-slash sequence (../) via the POST parameter imgName (for the new name) and imgUrl (for the current file to b...
Chadhaajay Phpkb 9.0
4
CVSSv2
CVE-2020-10459
Path Traversal in admin/assetmanager/assetmanager.php (vulnerable function saved in admin/assetmanager/functions.php) in Chadha PHPKB Standard Multi-Language 9 allows malicious users to list the files that are stored on the webserver using a dot-dot-slash sequence (../) via the P...
Chadhaajay Phpkb 9.0
4
CVSSv2
CVE-2020-10460
admin/include/operations.php (via admin/email-harvester.php) in Chadha PHPKB Standard Multi-Language 9 allows malicious users to inject untrusted input inside CSV files via the POST parameter data.
Chadhaajay Phpkb 9.0
4
CVSSv2
CVE-2020-10387
Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-Language 9 allows remote malicious users to download files from the server using a dot-dot-slash sequence (../) via the GET parameter file.
Chadhaajay Phpkb 9.0
1 EDB exploit
3.5
CVSSv2
CVE-2020-10423
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-feedbacks.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
3.5
CVSSv2
CVE-2020-10424
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-fields.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
3.5
CVSSv2
CVE-2020-10425
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-glossary.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »