CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2CVE-2020-10388
https://notcve.org/view.php?id=CVE-2020-10388
The way the Referer header in article.php is handled in Chadha PHPKB Standard Multi-Language 9 allows attackers to execute Stored (Blind) XSS (injecting arbitrary web script or HTML) in admin/report-referrers.php (vulnerable file admin/include/functions-articles.php). La manera en que es manejado el encabezado Referer en el archivo article.php en Chadha PHPKB Standard Multi-Language versión 9, permite a atacantes ejecutar ataques de tipo XSS Almacenado (Ciego) (inyectando script web o HTML arbitrario) en el archivo admin/report-.php (archivo vulnerable admin/include/functions-articles.php). • http://antoniocannito.it/?p=137#bxss1 https://antoniocannito.it/phpkb1#blind-cross-site-scripting-cve-2020-10388 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.9EPSS: 6%CPEs: 1EXPL: 3CVE-2020-10387 – PHPKB Multi-Language 9 - Authenticated Directory Traversal
https://notcve.org/view.php?id=CVE-2020-10387
Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to download files from the server using a dot-dot-slash sequence (../) via the GET parameter file. Un Salto de Ruta en el archivo admin/download.php en Chadha PHPKB Standard Multi-Language versión 9, permite a atacantes remotos descargar archivos del servidor usando una secuencia punto-punto-barra (../) por medio del archivo del parámetro GET. PHPKB Multi-Language 9 suffers from an authenticated directory traversal vulnerability. • https://www.exploit-db.com/exploits/48220 http://antoniocannito.it/?p=137#afd http://packetstormsecurity.com/files/156754/PHPKB-Multi-Language-9-Authenticated-Directory-Traversal.html https://antoniocannito.it/phpkb1#authenticated-arbitrary-file-download-cve-2020-10387 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.2EPSS: 11%CPEs: 1EXPL: 4CVE-2020-10386 – PHPKB Multi-Language 9 - 'image-upload.php' Authenticated Remote Code Execution
https://notcve.org/view.php?id=CVE-2020-10386
admin/imagepaster/image-upload.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by uploading a .php file in the admin/js/ directory. El archivo admin/imagepaster/image-upload.php en Chadha PHPKB Standard Multi-Language versión 9, permite a atacantes remotos lograr una Ejecución de Código al cargar un archivo .php en el directorio admin/js/. PHPKB Multi-Language 9 suffers from an image-upload.php remote authenticated code execution vulnerability. • https://www.exploit-db.com/exploits/48221 http://antoniocannito.it/?p=137#rce1 http://packetstormsecurity.com/files/156757/PHPKB-Multi-Language-9-image-upload.php-Code-Execution.html https://antoniocannito.it/phpkb1#remote-code-execution-cve-2020-10386 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 2CVE-2020-10487 – Apache Tomcat AJP Ghostcat File Read / Inclusion
https://notcve.org/view.php?id=CVE-2020-10487
CSRF in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a glossary term via a crafted request. Una vulnerabilidad de tipo CSRF en el archivo admin/manage-glossary.php en Chadha PHPKB Standard Multi-Language versión 9, permite a atacantes eliminar un término del glosario por medio de una petición diseñada. • http://antoniocannito.it/?p=343#csrf10 https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-glossary-term-cve-2020-10487 • CWE-352: Cross-Site Request Forgery (CSRF) •