Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chadhaajay phpkb 9.0 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-10500
CSRF in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language 9 allows malicious users to reply to any ticket, given the id, via a crafted request.
Chadhaajay Phpkb 9.0
383
VMScore
CVE-2020-10501
CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows malicious users to edit a department, given the id, via a crafted request.
Chadhaajay Phpkb 9.0
383
VMScore
CVE-2020-10502
CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows malicious users to approve any comment, given the id, via a crafted request.
Chadhaajay Phpkb 9.0
383
VMScore
CVE-2020-10503
CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows malicious users to disapprove any comment, given the id, via a crafted request.
Chadhaajay Phpkb 9.0
383
VMScore
CVE-2020-10504
CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows malicious users to edit a comment, given the id, via a crafted request.
Chadhaajay Phpkb 9.0
405
VMScore
CVE-2020-10387
Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-Language 9 allows remote malicious users to download files from the server using a dot-dot-slash sequence (../) via the GET parameter file.
Chadhaajay Phpkb 9.0
1 EDB exploit
578
VMScore
CVE-2020-10390
OS Command Injection in export.php (vulnerable function called from include/functions-article.php) in Chadha PHPKB Standard Multi-Language 9 allows remote malicious users to achieve Code Execution by saving the code to be executed as the wkhtmltopdf path via admin/save-settings.p...
Chadhaajay Phpkb 9.0
312
VMScore
CVE-2020-10392
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-category.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
312
VMScore
CVE-2020-10394
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-glossary.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
312
VMScore
CVE-2020-10397
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-news.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »