Shodan
Vulnerabilities
Vulnerable Software
Chadhaajay:  >> Phpkb  Security Vulnerabilities
CVE-2020-10395
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-group.php by adding a question mark (?) followed by the payload.
CVSS Score
4.8
EPSS Score
0.003
Published
2020-03-12
CVE-2020-10396
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-language.php by adding a question mark (?) followed by the payload.
CVSS Score
4.8
EPSS Score
0.003
Published
2020-03-12
CVE-2020-10397
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-news.php by adding a question mark (?) followed by the payload.
CVSS Score
4.8
EPSS Score
0.003
Published
2020-03-12
CVE-2020-10398
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-template.php by adding a question mark (?) followed by the payload.
CVSS Score
4.8
EPSS Score
0.003
Published
2020-03-12
CVE-2020-10399
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-user.php by adding a question mark (?) followed by the payload.
CVSS Score
4.8
EPSS Score
0.003
Published
2020-03-12
CVE-2020-10400
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/article-collaboration.php by adding a question mark (?) followed by the payload.
CVSS Score
4.8
EPSS Score
0.003
Published
2020-03-12
CVE-2020-10401
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-article.php by adding a question mark (?) followed by the payload.
CVSS Score
4.8
EPSS Score
0.003
Published
2020-03-12
CVE-2020-10387
Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to download files from the server using a dot-dot-slash sequence (../) via the GET parameter file.
CVSS Score
4.9
EPSS Score
0.105
Published
2020-03-12
CVE-2020-10386
admin/imagepaster/image-upload.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by uploading a .php file in the admin/js/ directory.
CVSS Score
7.2
EPSS Score
0.179
Published
2020-03-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved