CSRF in admin/add-field.php in Chadha PHPKB Standard Multi-Language 9 allows malicious users to create a custom field via a crafted request.
chadhaajay phpkb 9.0