Vulnerabilities > Phpjabbers > Time Slots Booking Calendar > 3.3

DATE	CVE	VULNERABILITY TITLE	RISK
2023-08-01	CVE-2023-33560	Cross-site Scripting vulnerability in PHPjabbers Time Slots Booking Calendar 3.3 There is a Cross Site Scripting (XSS) vulnerability in "cid" parameter of preview.php in PHPJabbers Time Slots Booking Calendar v3.3. network low complexity phpjabbers CWE-79	6.1
2023-08-01	CVE-2023-33561	Unspecified vulnerability in PHPjabbers Time Slots Booking Calendar 3.3 Improper input validation of password parameter in PHP Jabbers Time Slots Booking Calendar v 3.3 results in insecure passwords. network low complexity phpjabbers critical	9.8
2023-08-01	CVE-2023-33562	Unspecified vulnerability in PHPjabbers Time Slots Booking Calendar 3.3 User enumeration is found in in PHP Jabbers Time Slots Booking Calendar v3.3. network low complexity phpjabbers critical	9.8
2023-08-01	CVE-2023-33563	Improper Authentication vulnerability in PHPjabbers Time Slots Booking Calendar 3.3 In PHP Jabbers Time Slots Booking Calendar 3.3 , lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts. network low complexity phpjabbers CWE-287	8.8
2023-08-01	CVE-2023-33564	Cross-site Scripting vulnerability in PHPjabbers Time Slots Booking Calendar 3.3 There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Time Slots Booking Calendar v3.3. network low complexity phpjabbers CWE-79	6.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.