Vulnerabilities > Phpjabbers > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-10 | CVE-2023-36127 | Information Exposure Through Discrepancy vulnerability in PHPjabbers Appointment Scheduler 3.0 User enumeration is found in in PHPJabbers Appointment Scheduler 3.0. | 7.5 |
| 2023-09-21 | CVE-2023-43274 | SQL Injection vulnerability in PHPjabbers PHP Shopping Cart 4.2 Phpjabbers PHP Shopping Cart 4.2 is vulnerable to SQL Injection via the id parameter. | 7.5 |
| 2023-08-30 | CVE-2023-41539 | SQL Injection vulnerability in PHPjabbers Business Directory Script 3.2 phpjabbers Business Directory Script 3.2 is vulnerable to SQL Injection via the column parameter. | 7.5 |
| 2023-08-28 | CVE-2023-40754 | Incorrect Permission Assignment for Critical Resource vulnerability in PHPjabbers CAR Rental Script 3.0 In PHPJabbers Car Rental Script 3.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts. | 8.8 |
| 2023-08-10 | CVE-2023-38830 | Exposure of Resource to Wrong Sphere vulnerability in PHPjabbers Yacht Listing Script 1.0 An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients' credit card numbers from the Reservations module. | 7.5 |
| 2023-08-04 | CVE-2023-36135 | Unspecified vulnerability in PHPjabbers Class Scheduling System 1.0 User enumeration is found in in PHPJabbers Class Scheduling System v1.0. | 7.5 |
| 2023-08-01 | CVE-2023-33563 | Improper Authentication vulnerability in PHPjabbers Time Slots Booking Calendar 3.3 In PHP Jabbers Time Slots Booking Calendar 3.3 , lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts. | 8.8 |
| 2021-11-05 | CVE-2020-22223 | SQL Injection vulnerability in PHPjabbers Fundraising Script 1.0 Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoad function. | 7.5 |
| 2021-11-05 | CVE-2020-22225 | SQL Injection vulnerability in PHPjabbers Fundraising Script 1.0 Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoadForm function. | 7.5 |
| 2021-11-05 | CVE-2020-22226 | SQL Injection vulnerability in PHPjabbers Fundraising Script 1.0 Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionSetAmount function. | 7.5 |