Vulnerabilities > Phpjabbers > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-04 CVE-2023-36134 Insufficient Verification of Data Authenticity vulnerability in PHPjabbers Class Scheduling System 1.0
In PHP Jabbers Class Scheduling System 1.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts.
network
low complexity
phpjabbers CWE-345
critical
 9.8
9.8
2023-08-04 CVE-2023-36139 Insufficient Verification of Data Authenticity vulnerability in PHPjabbers Cleaning Business Software 1.0
In PHPJabbers Cleaning Business Software 1.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts.
network
low complexity
phpjabbers CWE-345
critical
 9.8
9.8
2023-08-01 CVE-2023-33561 Unspecified vulnerability in PHPjabbers Time Slots Booking Calendar 3.3
Improper input validation of password parameter in PHP Jabbers Time Slots Booking Calendar v 3.3 results in insecure passwords.
network
low complexity
phpjabbers
critical
 9.8
9.8
2023-08-01 CVE-2023-33562 Unspecified vulnerability in PHPjabbers Time Slots Booking Calendar 3.3
User enumeration is found in in PHP Jabbers Time Slots Booking Calendar v3.3.
network
low complexity
phpjabbers
critical
 9.8
9.8
2021-11-05 CVE-2020-22223 SQL Injection vulnerability in PHPjabbers Fundraising Script 1.0
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoad function.
network
low complexity
phpjabbers CWE-89
critical
 9.8
9.8
2021-11-05 CVE-2020-22225 SQL Injection vulnerability in PHPjabbers Fundraising Script 1.0
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoadForm function.
network
low complexity
phpjabbers CWE-89
critical
 9.8
9.8
2021-11-05 CVE-2020-22226 SQL Injection vulnerability in PHPjabbers Fundraising Script 1.0
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionSetAmount function.
network
low complexity
phpjabbers CWE-89
critical
 9.8
9.8