Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
238 vulnerabilities by chadhaajay
CVE-2020-11579 (GCVE-0-2020-11579)
Vulnerability from cvelistv5 – Published: 2020-09-03 17:15 – Updated: 2024-08-04 11:35
VLAI
Summary
An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://shielder.it/ | x_refsource_MISC |
| https://github.com/ShielderSec/CVE-2020-11579 | x_refsource_MISC |
| https://www.shielder.it/blog/mysql-and-cve-2020-1… | x_refsource_MISC |
| https://www.phpkb.com | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:35:13.102Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://shielder.it/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ShielderSec/CVE-2020-11579"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.phpkb.com"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T15:20:27.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://shielder.it/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ShielderSec/CVE-2020-11579"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.phpkb.com"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11579",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://shielder.it/",
"refsource": "MISC",
"url": "https://shielder.it/"
},
{
"name": "https://github.com/ShielderSec/CVE-2020-11579",
"refsource": "MISC",
"url": "https://github.com/ShielderSec/CVE-2020-11579"
},
{
"name": "https://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation/",
"refsource": "MISC",
"url": "https://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation/"
},
{
"name": "https://www.phpkb.com",
"refsource": "MISC",
"url": "https://www.phpkb.com"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11579",
"datePublished": "2020-09-03T17:15:08.000Z",
"dateReserved": "2020-04-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:35:13.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10504 (GCVE-0-2020-10504)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a comment, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf27 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf27"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-comment-cve-2020-10504"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a comment, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:33:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf27"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-comment-cve-2020-10504"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10504",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a comment, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf27",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf27"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-comment-cve-2020-10504",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-comment-cve-2020-10504"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10504",
"datePublished": "2020-03-12T13:06:13.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10503 (GCVE-0-2020-10503)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to disapprove any comment, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf26 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf26"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-disapproving-a-new-comment-cve-2020-10503"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to disapprove any comment, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:32:55.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf26"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-disapproving-a-new-comment-cve-2020-10503"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10503",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to disapprove any comment, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf26",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf26"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-disapproving-a-new-comment-cve-2020-10503",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-disapproving-a-new-comment-cve-2020-10503"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10503",
"datePublished": "2020-03-12T13:06:12.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10502 (GCVE-0-2020-10502)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to approve any comment, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf25 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.404Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf25"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-approving-a-new-comment-cve-2020-10502"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to approve any comment, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:32:26.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf25"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-approving-a-new-comment-cve-2020-10502"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10502",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to approve any comment, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf25",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf25"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-approving-a-new-comment-cve-2020-10502",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-approving-a-new-comment-cve-2020-10502"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10502",
"datePublished": "2020-03-12T13:06:11.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10501 (GCVE-0-2020-10501)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a department, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf24 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf24"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-department-cve-2020-10501"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a department, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:31:53.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf24"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-department-cve-2020-10501"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10501",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a department, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf24",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf24"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-department-cve-2020-10501",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-department-cve-2020-10501"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10501",
"datePublished": "2020-03-12T13:06:09.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.451Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10500 (GCVE-0-2020-10500)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to reply to any ticket, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf23 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.347Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf23"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-replying-to-a-ticket-cve-2020-10500"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to reply to any ticket, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:31:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf23"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-replying-to-a-ticket-cve-2020-10500"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10500",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to reply to any ticket, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf23",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf23"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-replying-to-a-ticket-cve-2020-10500",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-replying-to-a-ticket-cve-2020-10500"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10500",
"datePublished": "2020-03-12T13:06:08.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10499 (GCVE-0-2020-10499)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to close any ticket, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf22 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.546Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf22"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-closing-a-ticket-cve-2020-10499"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to close any ticket, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:30:42.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf22"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-closing-a-ticket-cve-2020-10499"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10499",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to close any ticket, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf22",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf22"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-closing-a-ticket-cve-2020-10499",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-closing-a-ticket-cve-2020-10499"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10499",
"datePublished": "2020-03-12T13:06:06.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10498 (GCVE-0-2020-10498)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a category, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf21 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.497Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf21"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-category-cve-2020-10498"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a category, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:30:11.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf21"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-category-cve-2020-10498"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10498",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a category, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf21",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf21"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-category-cve-2020-10498",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-category-cve-2020-10498"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10498",
"datePublished": "2020-03-12T13:06:05.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.497Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10497 (GCVE-0-2020-10497)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a category via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf20 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.444Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf20"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-category-cve-2020-10497"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a category via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:29:39.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf20"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-category-cve-2020-10497"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10497",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a category via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf20",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf20"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-category-cve-2020-10497",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-category-cve-2020-10497"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10497",
"datePublished": "2020-03-12T13:06:03.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10496 (GCVE-0-2020-10496)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf19 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf19"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-cve-2020-10496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:29:05.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf19"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-cve-2020-10496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10496",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf19",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf19"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-cve-2020-10496",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-cve-2020-10496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10496",
"datePublished": "2020-03-12T13:06:02.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10495 (GCVE-0-2020-10495)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article template, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf18 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf18"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-template-cve-2020-10495"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article template, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:28:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf18"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-template-cve-2020-10495"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10495",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article template, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf18",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf18"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-template-cve-2020-10495",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-template-cve-2020-10495"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10495",
"datePublished": "2020-03-12T13:06:01.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10494 (GCVE-0-2020-10494)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a news article, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf17 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.262Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf17"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-news-article-cve-2020-10494"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a news article, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:27:53.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf17"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-news-article-cve-2020-10494"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10494",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a news article, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf17",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf17"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-news-article-cve-2020-10494",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-news-article-cve-2020-10494"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10494",
"datePublished": "2020-03-12T13:06:00.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10493 (GCVE-0-2020-10493)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a glossary term, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf16 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-glossary-term-cve-2020-10493"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a glossary term, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:27:24.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-glossary-term-cve-2020-10493"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10493",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a glossary term, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf16",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf16"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-glossary-term-cve-2020-10493",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-glossary-term-cve-2020-10493"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10493",
"datePublished": "2020-03-12T13:05:58.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10492 (GCVE-0-2020-10492)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article template via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf15 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-template-cve-2020-10492"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article template via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:26:50.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-template-cve-2020-10492"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10492",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article template via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf15",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf15"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-template-cve-2020-10492",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-template-cve-2020-10492"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10492",
"datePublished": "2020-03-12T13:05:57.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10491 (GCVE-0-2020-10491)
Vulnerability from cvelistv5 – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a department via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf14 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-department-cve-2020-10491"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a department via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:26:15.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-department-cve-2020-10491"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10491",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a department via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf14",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf14"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-department-cve-2020-10491",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-department-cve-2020-10491"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10491",
"datePublished": "2020-03-12T13:05:56.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11579 (GCVE-0-2020-11579)
Vulnerability from nvd – Published: 2020-09-03 17:15 – Updated: 2024-08-04 11:35
VLAI
Summary
An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://shielder.it/ | x_refsource_MISC |
| https://github.com/ShielderSec/CVE-2020-11579 | x_refsource_MISC |
| https://www.shielder.it/blog/mysql-and-cve-2020-1… | x_refsource_MISC |
| https://www.phpkb.com | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:35:13.102Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://shielder.it/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ShielderSec/CVE-2020-11579"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.phpkb.com"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T15:20:27.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://shielder.it/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ShielderSec/CVE-2020-11579"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.phpkb.com"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11579",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://shielder.it/",
"refsource": "MISC",
"url": "https://shielder.it/"
},
{
"name": "https://github.com/ShielderSec/CVE-2020-11579",
"refsource": "MISC",
"url": "https://github.com/ShielderSec/CVE-2020-11579"
},
{
"name": "https://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation/",
"refsource": "MISC",
"url": "https://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation/"
},
{
"name": "https://www.phpkb.com",
"refsource": "MISC",
"url": "https://www.phpkb.com"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11579",
"datePublished": "2020-09-03T17:15:08.000Z",
"dateReserved": "2020-04-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:35:13.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10504 (GCVE-0-2020-10504)
Vulnerability from nvd – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a comment, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf27 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf27"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-comment-cve-2020-10504"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a comment, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:33:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf27"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-comment-cve-2020-10504"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10504",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a comment, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf27",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf27"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-comment-cve-2020-10504",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-comment-cve-2020-10504"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10504",
"datePublished": "2020-03-12T13:06:13.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10503 (GCVE-0-2020-10503)
Vulnerability from nvd – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to disapprove any comment, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf26 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf26"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-disapproving-a-new-comment-cve-2020-10503"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to disapprove any comment, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:32:55.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf26"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-disapproving-a-new-comment-cve-2020-10503"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10503",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to disapprove any comment, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf26",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf26"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-disapproving-a-new-comment-cve-2020-10503",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-disapproving-a-new-comment-cve-2020-10503"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10503",
"datePublished": "2020-03-12T13:06:12.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10502 (GCVE-0-2020-10502)
Vulnerability from nvd – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to approve any comment, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf25 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.404Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf25"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-approving-a-new-comment-cve-2020-10502"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to approve any comment, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:32:26.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf25"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-approving-a-new-comment-cve-2020-10502"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10502",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to approve any comment, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf25",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf25"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-approving-a-new-comment-cve-2020-10502",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-approving-a-new-comment-cve-2020-10502"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10502",
"datePublished": "2020-03-12T13:06:11.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10501 (GCVE-0-2020-10501)
Vulnerability from nvd – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a department, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf24 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf24"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-department-cve-2020-10501"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a department, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:31:53.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf24"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-department-cve-2020-10501"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10501",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a department, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf24",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf24"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-department-cve-2020-10501",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-department-cve-2020-10501"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10501",
"datePublished": "2020-03-12T13:06:09.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.451Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10500 (GCVE-0-2020-10500)
Vulnerability from nvd – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to reply to any ticket, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf23 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.347Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf23"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-replying-to-a-ticket-cve-2020-10500"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to reply to any ticket, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:31:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf23"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-replying-to-a-ticket-cve-2020-10500"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10500",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to reply to any ticket, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf23",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf23"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-replying-to-a-ticket-cve-2020-10500",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-replying-to-a-ticket-cve-2020-10500"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10500",
"datePublished": "2020-03-12T13:06:08.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10499 (GCVE-0-2020-10499)
Vulnerability from nvd – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to close any ticket, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf22 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.546Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf22"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-closing-a-ticket-cve-2020-10499"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to close any ticket, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:30:42.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf22"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-closing-a-ticket-cve-2020-10499"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10499",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to close any ticket, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf22",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf22"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-closing-a-ticket-cve-2020-10499",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-closing-a-ticket-cve-2020-10499"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10499",
"datePublished": "2020-03-12T13:06:06.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10498 (GCVE-0-2020-10498)
Vulnerability from nvd – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a category, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf21 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.497Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf21"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-category-cve-2020-10498"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a category, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:30:11.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf21"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-category-cve-2020-10498"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10498",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a category, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf21",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf21"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-category-cve-2020-10498",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-category-cve-2020-10498"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10498",
"datePublished": "2020-03-12T13:06:05.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.497Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10497 (GCVE-0-2020-10497)
Vulnerability from nvd – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a category via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf20 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.444Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf20"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-category-cve-2020-10497"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a category via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:29:39.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf20"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-category-cve-2020-10497"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10497",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a category via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf20",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf20"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-category-cve-2020-10497",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-a-category-cve-2020-10497"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10497",
"datePublished": "2020-03-12T13:06:03.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10496 (GCVE-0-2020-10496)
Vulnerability from nvd – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf19 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf19"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-cve-2020-10496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:29:05.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf19"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-cve-2020-10496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10496",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf19",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf19"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-cve-2020-10496",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-cve-2020-10496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10496",
"datePublished": "2020-03-12T13:06:02.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10495 (GCVE-0-2020-10495)
Vulnerability from nvd – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article template, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf18 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf18"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-template-cve-2020-10495"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article template, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:28:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf18"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-template-cve-2020-10495"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10495",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article template, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf18",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf18"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-template-cve-2020-10495",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-an-article-template-cve-2020-10495"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10495",
"datePublished": "2020-03-12T13:06:01.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10494 (GCVE-0-2020-10494)
Vulnerability from nvd – Published: 2020-03-12 13:06 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a news article, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf17 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.262Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf17"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-news-article-cve-2020-10494"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a news article, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:27:53.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf17"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-news-article-cve-2020-10494"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10494",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a news article, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf17",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf17"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-news-article-cve-2020-10494",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-news-article-cve-2020-10494"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10494",
"datePublished": "2020-03-12T13:06:00.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10493 (GCVE-0-2020-10493)
Vulnerability from nvd – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a glossary term, given the id, via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf16 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-glossary-term-cve-2020-10493"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a glossary term, given the id, via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:27:24.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-glossary-term-cve-2020-10493"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10493",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a glossary term, given the id, via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf16",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf16"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-glossary-term-cve-2020-10493",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-editing-a-glossary-term-cve-2020-10493"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10493",
"datePublished": "2020-03-12T13:05:58.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10492 (GCVE-0-2020-10492)
Vulnerability from nvd – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article template via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf15 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-template-cve-2020-10492"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article template via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:26:50.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-template-cve-2020-10492"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10492",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article template via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf15",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf15"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-template-cve-2020-10492",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-deleting-an-article-template-cve-2020-10492"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10492",
"datePublished": "2020-03-12T13:05:57.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10491 (GCVE-0-2020-10491)
Vulnerability from nvd – Published: 2020-03-12 13:05 – Updated: 2024-08-04 11:06
VLAI
Summary
CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a department via a crafted request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://antoniocannito.it/?p=343#csrf14 | x_refsource_MISC |
| https://antoniocannito.it/phpkb3#cross-site-reque… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:09.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://antoniocannito.it/?p=343#csrf14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-department-cve-2020-10491"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a department via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-26T17:26:15.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://antoniocannito.it/?p=343#csrf14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-department-cve-2020-10491"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10491",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a department via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://antoniocannito.it/?p=343#csrf14",
"refsource": "MISC",
"url": "http://antoniocannito.it/?p=343#csrf14"
},
{
"name": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-department-cve-2020-10491",
"refsource": "MISC",
"url": "https://antoniocannito.it/phpkb3#cross-site-request-forgery-when-adding-a-department-cve-2020-10491"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10491",
"datePublished": "2020-03-12T13:05:56.000Z",
"dateReserved": "2020-03-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:09.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}