Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Chadhaajay Subscribe
Total 119 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-11579 2 Chadhaajay, Php 2 Phpkb, Php 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.
CVE-2020-10504 1 Chadhaajay 1 Phpkb 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a comment, given the id, via a crafted request.
CVE-2020-10503 1 Chadhaajay 1 Phpkb 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to disapprove any comment, given the id, via a crafted request.
CVE-2020-10502 1 Chadhaajay 1 Phpkb 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to approve any comment, given the id, via a crafted request.
CVE-2020-10501 1 Chadhaajay 1 Phpkb 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a department, given the id, via a crafted request.
CVE-2020-10500 1 Chadhaajay 1 Phpkb 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
CSRF in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to reply to any ticket, given the id, via a crafted request.
CVE-2020-10499 1 Chadhaajay 1 Phpkb 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to close any ticket, given the id, via a crafted request.
CVE-2020-10498 1 Chadhaajay 1 Phpkb 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a category, given the id, via a crafted request.
CVE-2020-10497 1 Chadhaajay 1 Phpkb 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
CSRF in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a category via a crafted request.
CVE-2020-10496 1 Chadhaajay 1 Phpkb 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
CSRF in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article, given the id, via a crafted request.
CVE-2020-10495 1 Chadhaajay 1 Phpkb 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
CSRF in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article template, given the id, via a crafted request.
CVE-2020-10494 1 Chadhaajay 1 Phpkb 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a news article, given the id, via a crafted request.
CVE-2020-10493 1 Chadhaajay 1 Phpkb 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a glossary term, given the id, via a crafted request.
CVE-2020-10492 1 Chadhaajay 1 Phpkb 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
CSRF in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article template via a crafted request.
CVE-2020-10491 1 Chadhaajay 1 Phpkb 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a department via a crafted request.
CVE-2020-10490 1 Chadhaajay 1 Phpkb 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a department via a crafted request.
CVE-2020-10489 1 Chadhaajay 1 Phpkb 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a ticket via a crafted request.
CVE-2020-10488 1 Chadhaajay 1 Phpkb 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
CSRF in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a news article via a crafted request.
CVE-2020-10487 1 Chadhaajay 1 Phpkb 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
CSRF in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a glossary term via a crafted request.
CVE-2020-10486 1 Chadhaajay 1 Phpkb 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a comment via a crafted request.

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024