Phpjabbers : Security Vulnerabilities, CVEs, CVSS score >= 7
Appointment Scheduler 3.0 is vulnerable to CSV Injection via a Language > Labels > Export action.
Max CVSS
8.8
EPSS Score
0.06%
Published
2023-12-07
Updated
2023-12-09
A lack of rate limiting in pjActionAjaxSend in Appointment Scheduler 3.0 allows attackers to cause resource exhaustion.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-12-07
Updated
2023-12-09
Car Rental Script v3.0 is vulnerable to CSV Injection via a Language > Labels > Export action.
Max CVSS
8.8
EPSS Score
0.06%
Published
2023-12-07
Updated
2023-12-09
A lack of rate limiting in pjActionAjaxSend in Car Rental v3.0 allows attackers to cause resource exhaustion.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-12-07
Updated
2023-12-09
A lack of rate limiting in pjActionAJaxSend in Time Slots Booking Calendar 4.0 allows attackers to cause resource exhaustion.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-12-07
Updated
2023-12-09
A lack of rate limiting in pjActionAJaxSend in Availability Booking Calendar 5.0 allows attackers to cause resource exhaustion.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-12-07
Updated
2023-12-09
Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export.
Max CVSS
8.8
EPSS Score
0.06%
Published
2023-12-07
Updated
2023-12-09
Time Slots Booking Calendar 4.0 is vulnerable to CSV Injection via the unique ID field of the Reservations List.
Max CVSS
8.8
EPSS Score
0.06%
Published
2023-12-07
Updated
2023-12-09
Availability Booking Calendar 5.0 allows CSV injection via the unique ID field in the Reservations list component.
Max CVSS
8.8
EPSS Score
0.06%
Published
2023-12-07
Updated
2023-12-11
Phpjabbers PHP Shopping Cart 4.2 is vulnerable to SQL Injection via the id parameter.
Max CVSS
7.5
EPSS Score
0.07%
Published
2023-09-21
Updated
2023-09-22
PHPJabbers Limo Booking Software 1.0 is vulnerable to Cross Site Request Forgery (CSRF) to add an admin user via the Add Users Function, aka an index.php?controller=pjAdminUsers&action=pjActionCreate URI.
Max CVSS
8.8
EPSS Score
0.06%
Published
2023-10-12
Updated
2023-10-18
phpjabbers Business Directory Script 3.2 is vulnerable to SQL Injection via the column parameter.
Max CVSS
7.5
EPSS Score
0.07%
Published
2023-08-30
Updated
2023-09-05
User enumeration is found in in PHPJabbers Make an Offer Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
User enumeration is found in in PHPJabbers Ticket Support Script v3.2. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
User enumeration is found in PHPJabbers Event Booking Calendar v4.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
User enumeration is found in PHP Jabbers Car Rental Script v3.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-09-28
User enumeration is found in PHPJabbers Taxi Booking Script v2.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
User enumeration is found in PHPJabbers Fundraising Script v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
User enumeration is found in PHPJabbers Yacht Listing Script v2.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
User enumeration is found in PHP Jabbers Hotel Booking System v4.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
User enumeration is found in PHP Jabbers Restaurant Booking Script v3.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
User enumeration is found in PHPJabbers Document Creator v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
User enumeration is found in PHPJabbers Food Delivery Script v3.1. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
In PHPJabbers Car Rental Script 3.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts.
Max CVSS
8.8
EPSS Score
0.10%
Published
2023-08-28
Updated
2023-08-29