Search criteria
119 vulnerabilities by chadhaajay
CVE-2020-11579 (GCVE-0-2020-11579)
Vulnerability from cvelistv5 – Published: 2020-09-03 17:15 – Updated: 2024-08-04 11:35
VLAI
Summary
An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://shielder.it/ | x_refsource_MISC |
| https://github.com/ShielderSec/CVE-2020-11579 | x_refsource_MISC |
| https://www.shielder.it/blog/mysql-and-cve-2020-1… | x_refsource_MISC |
| https://www.phpkb.com | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:35:13.102Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://shielder.it/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ShielderSec/CVE-2020-11579"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.phpkb.com"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T15:20:27.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://shielder.it/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ShielderSec/CVE-2020-11579"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.phpkb.com"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11579",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://shielder.it/",
"refsource": "MISC",
"url": "https://shielder.it/"
},
{
"name": "https://github.com/ShielderSec/CVE-2020-11579",
"refsource": "MISC",
"url": "https://github.com/ShielderSec/CVE-2020-11579"
},
{
"name": "https://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation/",
"refsource": "MISC",
"url": "https://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation/"
},
{
"name": "https://www.phpkb.com",
"refsource": "MISC",
"url": "https://www.phpkb.com"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11579",
"datePublished": "2020-09-03T17:15:08.000Z",
"dateReserved": "2020-04-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:35:13.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10504 (GCVE-0-2020-10504)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a comment, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf27 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf27"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-comment-cve-2020-10504"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a comment, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:33:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf27"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-comment-cve-2020-10504"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10504",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a comment, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf27",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf27"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-comment-cve-2020-10504",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-comment-cve-2020-10504"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10504",
"datePublished": "2020-03-12T13:06:13.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10503 (GCVE-0-2020-10503)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to disapprove any comment, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf26 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf26"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-disapproving-a-new-comment-cve-2020-10503"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to disapprove any comment, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:32:55.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf26"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-disapproving-a-new-comment-cve-2020-10503"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10503",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to disapprove any comment, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf26",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf26"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-disapproving-a-new-comment-cve-2020-10503",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-disapproving-a-new-comment-cve-2020-10503"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10503",
"datePublished": "2020-03-12T13:06:12.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10502 (GCVE-0-2020-10502)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to approve any comment, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf25 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.404Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf25"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-approving-a-new-comment-cve-2020-10502"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to approve any comment, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:32:26.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf25"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-approving-a-new-comment-cve-2020-10502"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10502",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to approve any comment, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf25",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf25"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-approving-a-new-comment-cve-2020-10502",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-approving-a-new-comment-cve-2020-10502"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10502",
"datePublished": "2020-03-12T13:06:11.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10501 (GCVE-0-2020-10501)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a department, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf24 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf24"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-department-cve-2020-10501"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a department, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:31:53.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf24"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-department-cve-2020-10501"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10501",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a department, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf24",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf24"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-department-cve-2020-10501",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-department-cve-2020-10501"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10501",
"datePublished": "2020-03-12T13:06:09.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.451Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10500 (GCVE-0-2020-10500)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to reply to any ticket, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf23 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.347Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf23"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-replying-to-a-ticket-cve-2020-10500"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to reply to any ticket, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:31:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf23"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-replying-to-a-ticket-cve-2020-10500"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10500",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to reply to any ticket, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf23",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf23"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-replying-to-a-ticket-cve-2020-10500",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-replying-to-a-ticket-cve-2020-10500"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10500",
"datePublished": "2020-03-12T13:06:08.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10499 (GCVE-0-2020-10499)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to close any ticket, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf22 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.546Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf22"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-closing-a-ticket-cve-2020-10499"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to close any ticket, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:30:42.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf22"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-closing-a-ticket-cve-2020-10499"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10499",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to close any ticket, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf22",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf22"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-closing-a-ticket-cve-2020-10499",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-closing-a-ticket-cve-2020-10499"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10499",
"datePublished": "2020-03-12T13:06:06.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10498 (GCVE-0-2020-10498)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a category, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf21 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.497Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf21"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-category-cve-2020-10498"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a category, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:30:11.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf21"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-category-cve-2020-10498"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10498",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a category, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf21",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf21"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-category-cve-2020-10498",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-category-cve-2020-10498"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10498",
"datePublished": "2020-03-12T13:06:05.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.497Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10497 (GCVE-0-2020-10497)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a category via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf20 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.444Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf20"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-category-cve-2020-10497"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a category via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:29:39.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf20"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-category-cve-2020-10497"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10497",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a category via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf20",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf20"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-category-cve-2020-10497",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-category-cve-2020-10497"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10497",
"datePublished": "2020-03-12T13:06:03.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10496 (GCVE-0-2020-10496)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf19 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf19"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-cve-2020-10496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:29:05.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf19"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-cve-2020-10496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10496",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf19",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf19"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-cve-2020-10496",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-cve-2020-10496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10496",
"datePublished": "2020-03-12T13:06:02.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10495 (GCVE-0-2020-10495)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article template, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf18 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf18"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-template-cve-2020-10495"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article template, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:28:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf18"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-template-cve-2020-10495"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10495",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article template, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf18",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf18"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-template-cve-2020-10495",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-template-cve-2020-10495"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10495",
"datePublished": "2020-03-12T13:06:01.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10494 (GCVE-0-2020-10494)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a news article, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf17 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.262Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf17"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-news-article-cve-2020-10494"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a news article, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:27:53.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf17"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-news-article-cve-2020-10494"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10494",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a news article, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf17",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf17"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-news-article-cve-2020-10494",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-news-article-cve-2020-10494"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10494",
"datePublished": "2020-03-12T13:06:00.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10493 (GCVE-0-2020-10493)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a glossary term, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf16 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-glossary-term-cve-2020-10493"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a glossary term, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:27:24.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-glossary-term-cve-2020-10493"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10493",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a glossary term, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf16",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf16"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-glossary-term-cve-2020-10493",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-glossary-term-cve-2020-10493"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10493",
"datePublished": "2020-03-12T13:05:58.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10492 (GCVE-0-2020-10492)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article template via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf15 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-template-cve-2020-10492"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article template via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:26:50.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-template-cve-2020-10492"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10492",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article template via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf15",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf15"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-template-cve-2020-10492",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-template-cve-2020-10492"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10492",
"datePublished": "2020-03-12T13:05:57.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10491 (GCVE-0-2020-10491)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a department via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf14 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-department-cve-2020-10491"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a department via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:26:15.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-department-cve-2020-10491"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10491",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a department via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf14",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf14"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-department-cve-2020-10491",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-department-cve-2020-10491"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10491",
"datePublished": "2020-03-12T13:05:56.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10490 (GCVE-0-2020-10490)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a department via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf13 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf13"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-department-cve-2020-10490"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a department via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:25:44.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf13"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-department-cve-2020-10490"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10490",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a department via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf13",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf13"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-department-cve-2020-10490",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-department-cve-2020-10490"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10490",
"datePublished": "2020-03-12T13:05:55.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10489 (GCVE-0-2020-10489)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a ticket via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf12 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf12"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-ticket-cve-2020-10489"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a ticket via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:25:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf12"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-ticket-cve-2020-10489"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a ticket via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf12",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf12"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-ticket-cve-2020-10489",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-ticket-cve-2020-10489"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10489",
"datePublished": "2020-03-12T13:05:53.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10488 (GCVE-0-2020-10488)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a news article via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf11 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf11"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-news-article-cve-2020-10488"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a news article via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:24:39.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf11"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-news-article-cve-2020-10488"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10488",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a news article via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf11",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf11"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-news-article-cve-2020-10488",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-news-article-cve-2020-10488"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10488",
"datePublished": "2020-03-12T13:05:52.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10487 (GCVE-0-2020-10487)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a glossary term via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf10 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.267Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf10"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-glossary-term-cve-2020-10487"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a glossary term via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:23:59.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf10"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-glossary-term-cve-2020-10487"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10487",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a glossary term via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf10",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf10"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-glossary-term-cve-2020-10487",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-glossary-term-cve-2020-10487"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10487",
"datePublished": "2020-03-12T13:05:51.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10486 (GCVE-0-2020-10486)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a comment via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf9 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.209Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-comment-cve-2020-10486"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a comment via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:23:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-comment-cve-2020-10486"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10486",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a comment via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf9",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf9"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-comment-cve-2020-10486",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-comment-cve-2020-10486"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10486",
"datePublished": "2020-03-12T13:05:50.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.209Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10485 (GCVE-0-2020-10485)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-articles.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf8 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.524Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-cve-2020-10485"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-articles.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:22:11.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-cve-2020-10485"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10485",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-articles.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf8",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf8"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-cve-2020-10485",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-cve-2020-10485"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10485",
"datePublished": "2020-03-12T13:05:48.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.524Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10484 (GCVE-0-2020-10484)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/add-field.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to create a custom field via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf7 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.428Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-new-custom-field-cve-2020-10484"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/add-field.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to create a custom field via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:21:44.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-new-custom-field-cve-2020-10484"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10484",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/add-field.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to create a custom field via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf7",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf7"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-new-custom-field-cve-2020-10484",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-new-custom-field-cve-2020-10484"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10484",
"datePublished": "2020-03-12T13:05:47.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10483 (GCVE-0-2020-10483)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/ajax-hub.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to post a comment on any article via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf6 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.195Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf6"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-posting-a-comment-cve-2020-10483"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/ajax-hub.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to post a comment on any article via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:21:10.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf6"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-posting-a-comment-cve-2020-10483"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10483",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/ajax-hub.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to post a comment on any article via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf6",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf6"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-posting-a-comment-cve-2020-10483",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-posting-a-comment-cve-2020-10483"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10483",
"datePublished": "2020-03-12T13:05:46.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10482 (GCVE-0-2020-10482)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/add-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new article template via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf5 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.241Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-new-article-template-cve-2020-10482"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/add-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new article template via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:20:38.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-new-article-template-cve-2020-10482"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10482",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/add-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new article template via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf5",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf5"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-new-article-template-cve-2020-10482",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-new-article-template-cve-2020-10482"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10482",
"datePublished": "2020-03-12T13:05:44.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.241Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10481 (GCVE-0-2020-10481)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/add-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new glossary term via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf4 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-new-glossary-term-cve-2020-10481"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/add-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new glossary term via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:19:57.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-new-glossary-term-cve-2020-10481"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10481",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/add-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new glossary term via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf4",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf4"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-new-glossary-term-cve-2020-10481",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-new-glossary-term-cve-2020-10481"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10481",
"datePublished": "2020-03-12T13:05:43.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10480 (GCVE-0-2020-10480)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/add-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new category via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf3 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-category-cve-2020-10480"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/add-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new category via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:18:54.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-category-cve-2020-10480"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10480",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/add-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new category via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf3",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf3"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-category-cve-2020-10480",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-category-cve-2020-10480"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10480",
"datePublished": "2020-03-12T13:05:42.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10479 (GCVE-0-2020-10479)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/add-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new news article via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf2 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.426Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-news-article-cve-2020-10479"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/add-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new news article via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:18:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-news-article-cve-2020-10479"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10479",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/add-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new news article via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf2",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf2"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-news-article-cve-2020-10479",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-creating-a-news-article-cve-2020-10479"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10479",
"datePublished": "2020-03-12T13:05:41.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10478 (GCVE-0-2020-10478)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-settings.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to change the global settings, potentially gaining code execution or causing a denial of service, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf1 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-changing-settings-cve-2020-10478"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-settings.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to change the global settings, potentially gaining code execution or causing a denial of service, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:17:53.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-changing-settings-cve-2020-10478"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10478",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-settings.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to change the global settings, potentially gaining code execution or causing a denial of service, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf1",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf1"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-changing-settings-cve-2020-10478",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-changing-settings-cve-2020-10478"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10478",
"datePublished": "2020-03-12T13:05:39.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10477 (GCVE-0-2020-10477)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
Reflected XSS in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=342#xss16 | x_refsource_MISC |
| https://antoniocannito.it/phpkb2#reflected-cross-… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.328Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=342#xss16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-news-article-cve-2020-10477"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Reflected XSS in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:17:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=342#xss16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-news-article-cve-2020-10477"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10477",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Reflected XSS in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=342#xss16",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=342#xss16"
},
{
"name": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-news-article-cve-2020-10477",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-news-article-cve-2020-10477"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10477",
"datePublished": "2020-03-12T13:05:38.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10476 (GCVE-0-2020-10476)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
Reflected XSS in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=342#xss15 | x_refsource_MISC |
| https://antoniocannito.it/phpkb2#reflected-cross-… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=342#xss15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-glossary-term-2-cve-2020-10476"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Reflected XSS in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:16:33.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=342#xss15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-glossary-term-2-cve-2020-10476"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10476",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Reflected XSS in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=342#xss15",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=342#xss15"
},
{
"name": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-glossary-term-2-cve-2020-10476",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-glossary-term-2-cve-2020-10476"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10476",
"datePublished": "2020-03-12T13:05:37.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}