VYPR
Vendor

Chadha PHPKB

Products
1
CVEs
11
Across products
11
Status
Private

Products

1

Recent CVEs

11
  • CVE-2020-11579HigSep 3, 2020
    risk 0.51cvss 7.5epss 0.26

    An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA…

  • CVE-2020-10460MedMar 12, 2020
    risk 0.32cvss 4.9epss 0.01

    admin/include/operations.php (via admin/email-harvester.php) in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject untrusted input inside CSV files via the POST parameter data.

  • CVE-2020-10469MedMar 12, 2020
    risk 0.31cvss 4.8epss 0.01

    Reflected XSS in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort.

  • CVE-2020-10464MedMar 12, 2020
    risk 0.31cvss 4.8epss 0.01

    Reflected XSS in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p.

  • CVE-2020-10456MedMar 12, 2020
    risk 0.31cvss 4.8epss 0.01

    The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/trash-box.php by adding a question mark (?) followed by the payload.

  • CVE-2020-10439MedMar 12, 2020
    risk 0.31cvss 4.8epss 0.01

    The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-article-discussed.php by adding a question mark (?) followed by the payload.

  • CVE-2020-10432MedMar 12, 2020
    risk 0.31cvss 4.8epss 0.01

    The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-tickets.php by adding a question mark (?) followed by the payload.

  • CVE-2020-10421MedMar 12, 2020
    risk 0.31cvss 4.8epss 0.01

    The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-departments.php by adding a question mark (?) followed by the payload.

  • CVE-2020-10419MedMar 12, 2020
    risk 0.31cvss 4.8epss 0.01

    The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-categories.php by adding a question mark (?) followed by the payload.

  • CVE-2020-10417MedMar 12, 2020
    risk 0.31cvss 4.8epss 0.01

    The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-articles.php by adding a question mark (?) followed by the payload.

  • CVE-2020-10415MedMar 12, 2020
    risk 0.31cvss 4.8epss 0.01

    The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/index.php by adding a question mark (?) followed by the payload.