Vulnerabilities > Phpjabbers > Availability Booking Calendar
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-07 | CVE-2023-48207 | Improper Neutralization of Formula Elements in a CSV File vulnerability in PHPjabbers Availability Booking Calendar 5.0 Availability Booking Calendar 5.0 allows CSV injection via the unique ID field in the Reservations list component. | 8.8 |
| 2023-12-07 | CVE-2023-48208 | Cross-site Scripting vulnerability in PHPjabbers Availability Booking Calendar 5.0 A Cross Site Scripting vulnerability in Availability Booking Calendar 5.0 allows an attacker to inject JavaScript via the name, plugin_sms_api_key, plugin_sms_country_code, uuid, title, or country name parameter to index.php. | 6.1 |
| 2023-12-07 | CVE-2023-48825 | Cross-site Scripting vulnerability in PHPjabbers Availability Booking Calendar 5.0 Availability Booking Calendar 5.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code. | 5.4 |
| 2023-12-07 | CVE-2023-48831 | Resource Exhaustion vulnerability in PHPjabbers Availability Booking Calendar 5.0 A lack of rate limiting in pjActionAJaxSend in Availability Booking Calendar 5.0 allows attackers to cause resource exhaustion. | 7.5 |
| 2023-08-04 | CVE-2023-36131 | Unspecified vulnerability in PHPjabbers Availability Booking Calendar 5.0 PHPJabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control due to improper input validation of password parameter. | 9.8 |
| 2023-08-04 | CVE-2023-36132 | Unspecified vulnerability in PHPjabbers Availability Booking Calendar 5.0 PHP Jabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control. | 9.8 |
| 2023-08-04 | CVE-2023-36133 | Unspecified vulnerability in PHPjabbers Availability Booking Calendar 5.0 PHPJabbers Availability Booking Calendar 5.0 is vulnerable to User Account Takeover through username/password change. | 9.8 |
| 2023-08-03 | CVE-2023-4110 | Unspecified vulnerability in PHPjabbers Availability Booking Calendar 5.0 A vulnerability has been found in PHP Jabbers Availability Booking Calendar 5.0 and classified as problematic. | 6.1 |