Search

Expected end of text, found '.' (at char 30), (line:1, col:31)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (357376 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-10402 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-category.php by adding a question mark (?) followed by the payload.
CVE-2020-10401 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-article.php by adding a question mark (?) followed by the payload.
CVE-2020-10400 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/article-collaboration.php by adding a question mark (?) followed by the payload.
CVE-2020-10399 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-user.php by adding a question mark (?) followed by the payload.
CVE-2020-10398 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-template.php by adding a question mark (?) followed by the payload.
CVE-2020-10397 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-news.php by adding a question mark (?) followed by the payload.
CVE-2020-10396 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-language.php by adding a question mark (?) followed by the payload.
CVE-2020-10395 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-group.php by adding a question mark (?) followed by the payload.
CVE-2020-10394 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-glossary.php by adding a question mark (?) followed by the payload.
CVE-2020-10393 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-field.php by adding a question mark (?) followed by the payload.
CVE-2020-10392 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-category.php by adding a question mark (?) followed by the payload.
CVE-2020-10391 1 Chadhaajay 1 Phpkb 2024-11-21 4.8 Medium
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-article.php by adding a question mark (?) followed by the payload.
CVE-2020-10390 1 Chadhaajay 1 Phpkb 2024-11-21 7.2 High
OS Command Injection in export.php (vulnerable function called from include/functions-article.php) in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by saving the code to be executed as the wkhtmltopdf path via admin/save-settings.php.
CVE-2020-10389 1 Chadhaajay 1 Phpkb 2024-11-21 7.2 High
admin/save-settings.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by injecting PHP code into any POST parameter when saving global settings.
CVE-2020-10388 1 Chadhaajay 1 Phpkb 2024-11-21 5.4 Medium
The way the Referer header in article.php is handled in Chadha PHPKB Standard Multi-Language 9 allows attackers to execute Stored (Blind) XSS (injecting arbitrary web script or HTML) in admin/report-referrers.php (vulnerable file admin/include/functions-articles.php).
CVE-2020-10387 1 Chadhaajay 1 Phpkb 2024-11-21 4.9 Medium
Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to download files from the server using a dot-dot-slash sequence (../) via the GET parameter file.
CVE-2020-10386 1 Chadhaajay 1 Phpkb 2024-11-21 7.2 High
admin/imagepaster/image-upload.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by uploading a .php file in the admin/js/ directory.
CVE-2020-10385 1 Wpforms 1 Contact Form 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability exists in the WPForms Contact Form (aka wpforms-lite) plugin before 1.5.9 for WordPress.
CVE-2020-10384 1 Mbconnectline 2 Mbconnect24, Mymbconnect24 2024-11-21 7.8 High
An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.6.1. There is a local privilege escalation from the www-data account to the root account.
CVE-2020-10383 1 Mbconnectline 2 Mbconnect24, Mymbconnect24 2024-11-21 9.8 Critical
An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. There is an unauthenticated remote code execution in the com_mb24sysapi module.