Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpkb vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2020-10416
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/kb-backup.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
5.4
CVSSv3
CVE-2020-10388
The way the Referer header in article.php is handled in Chadha PHPKB Standard Multi-Language 9 allows malicious users to execute Stored (Blind) XSS (injecting arbitrary web script or HTML) in admin/report-referrers.php (vulnerable file admin/include/functions-articles.php).
Chadhaajay Phpkb 9.0
7.2
CVSSv3
CVE-2020-10386
admin/imagepaster/image-upload.php in Chadha PHPKB Standard Multi-Language 9 allows remote malicious users to achieve Code Execution by uploading a .php file in the admin/js/ directory.
Chadhaajay Phpkb 9.0
1 EDB exploit
7.2
CVSSv3
CVE-2020-10389
admin/save-settings.php in Chadha PHPKB Standard Multi-Language 9 allows remote malicious users to achieve Code Execution by injecting PHP code into any POST parameter when saving global settings.
Chadhaajay Phpkb 9.0
4.8
CVSSv3
CVE-2020-10395
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-group.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
4.8
CVSSv3
CVE-2020-10396
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-language.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
4.8
CVSSv3
CVE-2020-10398
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-template.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
4.8
CVSSv3
CVE-2020-10400
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/article-collaboration.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
4.8
CVSSv3
CVE-2020-10403
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-comment.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
4.8
CVSSv3
CVE-2020-10405
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-glossary.php by adding a question mark (?) followed by the payload.
Chadhaajay Phpkb 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
command injection
CVE-2021-47511
CVE-2024-26238
CVE-2024-4858
CVE-2024-21305
XXE
CVE-2021-47555
CVE-2021-47526
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »