CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-10461

The way comments in article.php (vulnerable function in include/functions-article.php) are handled in Chadha PHPKB Standard Multi-Language 9 allows attackers to execute Stored (Blind) XSS (injecting arbitrary web script or HTML) in admin/manage-comments.php, via the GET parameter cmt.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.2%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

http://antoniocannito.it/?p=137#bxss2
https://antoniocannito.it/phpkb1#blind-cross-site-scripting-2-cve-2020-10461
http://antoniocannito.it/?p=137#bxss2
https://antoniocannito.it/phpkb1#blind-cross-site-scripting-2-cve-2020-10461

Products affected by CVE-2020-10461

Chadhaajay » Phpkb » Version: 9.0

cpe:2.3:a:chadhaajay:phpkb:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10461

Products

Pricing

Contact Us