Search criteria
119 vulnerabilities by chadhaajay
CVE-2020-11579 (GCVE-0-2020-11579)
Vulnerability from cvelistv5 – Published: 2020-09-03 17:15 – Updated: 2024-08-04 11:35
VLAI?
Summary
An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:35:13.102Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://shielder.it/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ShielderSec/CVE-2020-11579"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.phpkb.com"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T15:20:27.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://shielder.it/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ShielderSec/CVE-2020-11579"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.phpkb.com"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11579",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://shielder.it/",
"refsource": "MISC",
"url": "https://shielder.it/"
},
{
"name": "https://github.com/ShielderSec/CVE-2020-11579",
"refsource": "MISC",
"url": "https://github.com/ShielderSec/CVE-2020-11579"
},
{
"name": "https://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation/",
"refsource": "MISC",
"url": "https://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation/"
},
{
"name": "https://www.phpkb.com",
"refsource": "MISC",
"url": "https://www.phpkb.com"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11579",
"datePublished": "2020-09-03T17:15:08.000Z",
"dateReserved": "2020-04-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:35:13.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10504 (GCVE-0-2020-10504)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a comment, given the id, via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf27"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-comment-cve-2020-10504"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a comment, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:33:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf27"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-comment-cve-2020-10504"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10504",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a comment, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf27",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf27"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-comment-cve-2020-10504",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-comment-cve-2020-10504"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10504",
"datePublished": "2020-03-12T13:06:13.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10503 (GCVE-0-2020-10503)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to disapprove any comment, given the id, via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf26"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-disapproving-a-new-comment-cve-2020-10503"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to disapprove any comment, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:32:55.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf26"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-disapproving-a-new-comment-cve-2020-10503"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10503",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to disapprove any comment, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf26",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf26"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-disapproving-a-new-comment-cve-2020-10503",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-disapproving-a-new-comment-cve-2020-10503"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10503",
"datePublished": "2020-03-12T13:06:12.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10502 (GCVE-0-2020-10502)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to approve any comment, given the id, via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.404Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf25"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-approving-a-new-comment-cve-2020-10502"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to approve any comment, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:32:26.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf25"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-approving-a-new-comment-cve-2020-10502"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10502",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to approve any comment, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf25",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf25"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-approving-a-new-comment-cve-2020-10502",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-approving-a-new-comment-cve-2020-10502"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10502",
"datePublished": "2020-03-12T13:06:11.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10501 (GCVE-0-2020-10501)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a department, given the id, via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf24"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-department-cve-2020-10501"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a department, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:31:53.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf24"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-department-cve-2020-10501"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10501",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a department, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf24",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf24"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-department-cve-2020-10501",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-department-cve-2020-10501"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10501",
"datePublished": "2020-03-12T13:06:09.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.451Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10500 (GCVE-0-2020-10500)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to reply to any ticket, given the id, via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.347Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf23"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-replying-to-a-ticket-cve-2020-10500"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to reply to any ticket, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:31:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf23"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-replying-to-a-ticket-cve-2020-10500"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10500",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to reply to any ticket, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf23",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf23"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-replying-to-a-ticket-cve-2020-10500",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-replying-to-a-ticket-cve-2020-10500"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10500",
"datePublished": "2020-03-12T13:06:08.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10499 (GCVE-0-2020-10499)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to close any ticket, given the id, via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.546Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf22"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-closing-a-ticket-cve-2020-10499"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to close any ticket, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:30:42.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf22"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-closing-a-ticket-cve-2020-10499"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10499",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to close any ticket, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf22",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf22"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-closing-a-ticket-cve-2020-10499",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-closing-a-ticket-cve-2020-10499"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10499",
"datePublished": "2020-03-12T13:06:06.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10498 (GCVE-0-2020-10498)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a category, given the id, via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.497Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf21"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-category-cve-2020-10498"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a category, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:30:11.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf21"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-category-cve-2020-10498"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10498",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a category, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf21",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf21"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-category-cve-2020-10498",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-category-cve-2020-10498"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10498",
"datePublished": "2020-03-12T13:06:05.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.497Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10497 (GCVE-0-2020-10497)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a category via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.444Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf20"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-category-cve-2020-10497"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a category via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:29:39.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf20"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-category-cve-2020-10497"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10497",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a category via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf20",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf20"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-category-cve-2020-10497",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-category-cve-2020-10497"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10497",
"datePublished": "2020-03-12T13:06:03.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10496 (GCVE-0-2020-10496)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article, given the id, via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf19"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-cve-2020-10496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:29:05.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf19"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-cve-2020-10496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10496",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf19",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf19"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-cve-2020-10496",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-cve-2020-10496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10496",
"datePublished": "2020-03-12T13:06:02.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10495 (GCVE-0-2020-10495)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article template, given the id, via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf18"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-template-cve-2020-10495"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article template, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:28:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf18"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-template-cve-2020-10495"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10495",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article template, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf18",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf18"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-template-cve-2020-10495",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-template-cve-2020-10495"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10495",
"datePublished": "2020-03-12T13:06:01.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10494 (GCVE-0-2020-10494)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a news article, given the id, via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.262Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf17"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-news-article-cve-2020-10494"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a news article, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:27:53.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf17"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-news-article-cve-2020-10494"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10494",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a news article, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf17",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf17"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-news-article-cve-2020-10494",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-news-article-cve-2020-10494"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10494",
"datePublished": "2020-03-12T13:06:00.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10493 (GCVE-0-2020-10493)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a glossary term, given the id, via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-glossary-term-cve-2020-10493"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a glossary term, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:27:24.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-glossary-term-cve-2020-10493"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10493",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a glossary term, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf16",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf16"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-glossary-term-cve-2020-10493",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-glossary-term-cve-2020-10493"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10493",
"datePublished": "2020-03-12T13:05:58.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10492 (GCVE-0-2020-10492)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article template via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-template-cve-2020-10492"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article template via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:26:50.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-template-cve-2020-10492"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10492",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article template via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf15",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf15"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-template-cve-2020-10492",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-template-cve-2020-10492"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10492",
"datePublished": "2020-03-12T13:05:57.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10491 (GCVE-0-2020-10491)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a department via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-department-cve-2020-10491"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a department via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:26:15.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-department-cve-2020-10491"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10491",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a department via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf14",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf14"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-department-cve-2020-10491",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-department-cve-2020-10491"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10491",
"datePublished": "2020-03-12T13:05:56.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10490 (GCVE-0-2020-10490)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a department via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf13"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-department-cve-2020-10490"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a department via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:25:44.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf13"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-department-cve-2020-10490"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10490",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a department via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf13",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf13"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-department-cve-2020-10490",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-department-cve-2020-10490"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10490",
"datePublished": "2020-03-12T13:05:55.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10489 (GCVE-0-2020-10489)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a ticket via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf12"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-ticket-cve-2020-10489"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a ticket via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:25:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf12"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-ticket-cve-2020-10489"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a ticket via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf12",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf12"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-ticket-cve-2020-10489",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-ticket-cve-2020-10489"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10489",
"datePublished": "2020-03-12T13:05:53.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10488 (GCVE-0-2020-10488)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a news article via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf11"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-news-article-cve-2020-10488"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a news article via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:24:39.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf11"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-news-article-cve-2020-10488"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10488",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a news article via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf11",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf11"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-news-article-cve-2020-10488",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-news-article-cve-2020-10488"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10488",
"datePublished": "2020-03-12T13:05:52.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10487 (GCVE-0-2020-10487)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a glossary term via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.267Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf10"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-glossary-term-cve-2020-10487"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a glossary term via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:23:59.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf10"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-glossary-term-cve-2020-10487"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10487",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a glossary term via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf10",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf10"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-glossary-term-cve-2020-10487",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-glossary-term-cve-2020-10487"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10487",
"datePublished": "2020-03-12T13:05:51.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10486 (GCVE-0-2020-10486)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a comment via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.209Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-comment-cve-2020-10486"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a comment via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:23:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-comment-cve-2020-10486"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10486",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a comment via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf9",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf9"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-comment-cve-2020-10486",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-comment-cve-2020-10486"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10486",
"datePublished": "2020-03-12T13:05:50.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.209Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10485 (GCVE-0-2020-10485)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/manage-articles.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.524Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-cve-2020-10485"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-articles.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:22:11.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-cve-2020-10485"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10485",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-articles.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf8",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf8"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-cve-2020-10485",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-cve-2020-10485"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10485",
"datePublished": "2020-03-12T13:05:48.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.524Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10484 (GCVE-0-2020-10484)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/add-field.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to create a custom field via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.428Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-new-custom-field-cve-2020-10484"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/add-field.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to create a custom field via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:21:44.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-new-custom-field-cve-2020-10484"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10484",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/add-field.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to create a custom field via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf7",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf7"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-new-custom-field-cve-2020-10484",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-new-custom-field-cve-2020-10484"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10484",
"datePublished": "2020-03-12T13:05:47.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10483 (GCVE-0-2020-10483)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/ajax-hub.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to post a comment on any article via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.195Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf6"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-posting-a-comment-cve-2020-10483"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/ajax-hub.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to post a comment on any article via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:21:10.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf6"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-posting-a-comment-cve-2020-10483"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10483",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/ajax-hub.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to post a comment on any article via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf6",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf6"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-posting-a-comment-cve-2020-10483",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-posting-a-comment-cve-2020-10483"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10483",
"datePublished": "2020-03-12T13:05:46.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10482 (GCVE-0-2020-10482)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/add-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new article template via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.241Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-new-article-template-cve-2020-10482"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/add-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new article template via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:20:38.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-new-article-template-cve-2020-10482"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10482",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/add-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new article template via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf5",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf5"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-new-article-template-cve-2020-10482",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-new-article-template-cve-2020-10482"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10482",
"datePublished": "2020-03-12T13:05:44.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.241Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10481 (GCVE-0-2020-10481)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/add-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new glossary term via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-new-glossary-term-cve-2020-10481"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/add-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new glossary term via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:19:57.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-new-glossary-term-cve-2020-10481"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10481",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/add-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new glossary term via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf4",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf4"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-new-glossary-term-cve-2020-10481",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-new-glossary-term-cve-2020-10481"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10481",
"datePublished": "2020-03-12T13:05:43.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10480 (GCVE-0-2020-10480)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/add-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new category via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-category-cve-2020-10480"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/add-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new category via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:18:54.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-category-cve-2020-10480"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10480",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/add-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new category via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf3",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf3"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-category-cve-2020-10480",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-category-cve-2020-10480"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10480",
"datePublished": "2020-03-12T13:05:42.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10479 (GCVE-0-2020-10479)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/add-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new news article via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.426Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-news-article-cve-2020-10479"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/add-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new news article via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:18:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-news-article-cve-2020-10479"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10479",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/add-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new news article via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf2",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf2"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-news-article-cve-2020-10479",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-news-article-cve-2020-10479"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10479",
"datePublished": "2020-03-12T13:05:41.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10478 (GCVE-0-2020-10478)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI?
Summary
CSRF in admin/manage-settings.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to change the global settings, potentially gaining code execution or causing a denial of service, via a crafted request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-changing-settings-cve-2020-10478"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-settings.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to change the global settings, potentially gaining code execution or causing a denial of service, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:17:53.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-changing-settings-cve-2020-10478"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10478",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-settings.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to change the global settings, potentially gaining code execution or causing a denial of service, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf1",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf1"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-changing-settings-cve-2020-10478",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-changing-settings-cve-2020-10478"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10478",
"datePublished": "2020-03-12T13:05:39.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10477 (GCVE-0-2020-10477)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI?
Summary
Reflected XSS in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.328Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=342#xss16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-news-article-cve-2020-10477"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Reflected XSS in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:17:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=342#xss16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-news-article-cve-2020-10477"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10477",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Reflected XSS in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=342#xss16",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=342#xss16"
},
{
"name": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-news-article-cve-2020-10477",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-news-article-cve-2020-10477"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10477",
"datePublished": "2020-03-12T13:05:38.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10476 (GCVE-0-2020-10476)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI?
Summary
Reflected XSS in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=342#xss15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-glossary-term-2-cve-2020-10476"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Reflected XSS in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:16:33.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=342#xss15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-glossary-term-2-cve-2020-10476"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10476",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Reflected XSS in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=342#xss15",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=342#xss15"
},
{
"name": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-glossary-term-2-cve-2020-10476",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-glossary-term-2-cve-2020-10476"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10476",
"datePublished": "2020-03-12T13:05:37.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}