Vulnerabilities > Phpjabbers

DATE	CVE	VULNERABILITY TITLE	RISK
2023-08-10	CVE-2023-36313	Cross-site Scripting vulnerability in PHPjabbers Document Creator 1.0 PHPJabbers Document Creator v1.0 is vulnerable to Cross Site Scripting (XSS) via all post parameters of "Export Requests" aside from "request_feed". network low complexity phpjabbers CWE-79	6.1
2023-08-10	CVE-2023-36314	Cross-site Scripting vulnerability in PHPjabbers Callback Widget 1.0 There is a Cross Site Scripting (XSS) vulnerability in the value-text-o_sms_email_request_message parameters of index.php in PHPJabbers Callback Widget v1.0. network low complexity phpjabbers CWE-79	6.1
2023-08-10	CVE-2023-36315	Cross-site Scripting vulnerability in PHPjabbers Callback Widget 1.0 There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0. network low complexity phpjabbers CWE-79	6.1
2023-08-10	CVE-2023-38830	Exposure of Resource to Wrong Sphere vulnerability in PHPjabbers Yacht Listing Script 1.0 An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients' credit card numbers from the Reservations module. network low complexity phpjabbers CWE-668	7.5
2023-08-10	CVE-2023-39776	Unrestricted Upload of File with Dangerous Type vulnerability in PHPjabbers Ticket Support Script 3.2 A File Upload vulnerability in PHPJabbers Ticket Support Script v3.2 allows attackers to execute arbitrary code via uploading a crafted file. network low complexity phpjabbers CWE-434 critical	9.8
2023-08-08	CVE-2023-36136	Cleartext Storage of Sensitive Information vulnerability in PHPjabbers Class Scheduling System 1.0 PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user account (update user page) allowing an attacker to capture all user names and passwords in clear text. network low complexity phpjabbers CWE-312	6.5
2023-08-04	CVE-2023-36131	Unspecified vulnerability in PHPjabbers Availability Booking Calendar 5.0 PHPJabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control due to improper input validation of password parameter. network low complexity phpjabbers critical	9.8
2023-08-04	CVE-2023-36132	Unspecified vulnerability in PHPjabbers Availability Booking Calendar 5.0 PHP Jabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control. network low complexity phpjabbers critical	9.8
2023-08-04	CVE-2023-36133	Unspecified vulnerability in PHPjabbers Availability Booking Calendar 5.0 PHPJabbers Availability Booking Calendar 5.0 is vulnerable to User Account Takeover through username/password change. network low complexity phpjabbers critical	9.8
2023-08-04	CVE-2023-36134	Insufficient Verification of Data Authenticity vulnerability in PHPjabbers Class Scheduling System 1.0 In PHP Jabbers Class Scheduling System 1.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts. network low complexity phpjabbers CWE-345 critical	9.8

Vulnerabilities > Phpjabbers {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Phpjabbers"}]}

Vulnerabilities > Phpjabbers