Chadhaajay: Security Vulnerabilities
CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to close any ticket, given the id, via a crafted request.
CVSS Score
4.3
EPSS Score
0.001
Published
2020-03-12
Reflected XSS in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort.
CVSS Score
4.8
EPSS Score
0.003
Published
2020-03-12
Reflected XSS in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort.
CVSS Score
4.8
EPSS Score
0.003
Published
2020-03-12
Reflected XSS in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort.
CVSS Score
4.8
EPSS Score
0.003
Published
2020-03-12
Reflected XSS in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort.
CVSS Score
4.8
EPSS Score
0.003
Published
2020-03-12
Reflected XSS in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort.
CVSS Score
4.8
EPSS Score
0.003
Published
2020-03-12
Reflected XSS in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort.
CVSS Score
4.8
EPSS Score
0.003
Published
2020-03-12
CSRF in admin/manage-settings.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to change the global settings, potentially gaining code execution or causing a denial of service, via a crafted request.
CVSS Score
8.8
EPSS Score
0.002
Published
2020-03-12
CSRF in admin/add-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new news article via a crafted request.
CVSS Score
4.3
EPSS Score
0.001
Published
2020-03-12
CSRF in admin/add-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new category via a crafted request.
CVSS Score
4.3
EPSS Score
0.001
Published
2020-03-12