Phpjabbers : Security Vulnerabilities, CVEs, CVSS score >= 9
User enumeration is found in in PHPJabbers Make an Offer Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
User enumeration is found in in PHPJabbers Ticket Support Script v3.2. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
User enumeration is found in PHPJabbers Event Booking Calendar v4.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
User enumeration is found in PHP Jabbers Car Rental Script v3.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-09-28
User enumeration is found in PHPJabbers Taxi Booking Script v2.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
User enumeration is found in PHPJabbers Fundraising Script v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
User enumeration is found in PHPJabbers Yacht Listing Script v2.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
User enumeration is found in PHP Jabbers Hotel Booking System v4.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
User enumeration is found in PHP Jabbers Restaurant Booking Script v3.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
User enumeration is found in PHPJabbers Document Creator v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
User enumeration is found in PHPJabbers Food Delivery Script v3.1. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-28
Updated
2023-08-29
PHPJabbers Food Delivery Script v3.0 is vulnerable to SQL Injection in the "column" parameter of index.php.
Max CVSS
9.8
EPSS Score
0.08%
Published
2023-08-28
Updated
2023-08-29
PHPJabbers Food Delivery Script 3.0 has a SQL injection (SQLi) vulnerability in the "q" parameter of index.php.
Max CVSS
9.8
EPSS Score
0.08%
Published
2023-08-28
Updated
2023-08-29
A File Upload vulnerability in PHPJabbers Ticket Support Script v3.2 allows attackers to execute arbitrary code via uploading a crafted file.
Max CVSS
9.8
EPSS Score
0.13%
Published
2023-08-10
Updated
2023-08-11
There is a SQL injection (SQLi) vulnerability in the "column" parameter of index.php in PHPJabbers Document Creator v1.0.
Max CVSS
9.8
EPSS Score
0.08%
Published
2023-08-10
Updated
2023-08-11
In PHPJabbers Cleaning Business Software 1.0, there is no encryption on user passwords allowing an attacker to gain access to all user accounts.
Max CVSS
9.8
EPSS Score
0.06%
Published
2023-09-11
Updated
2023-09-13
In PHPJabbers Cleaning Business Software 1.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts.
Max CVSS
9.8
EPSS Score
0.15%
Published
2023-08-04
Updated
2023-08-05
In PHP Jabbers Class Scheduling System 1.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts.
Max CVSS
9.8
EPSS Score
0.15%
Published
2023-08-04
Updated
2023-08-08
PHPJabbers Availability Booking Calendar 5.0 is vulnerable to User Account Takeover through username/password change.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-04
Updated
2023-08-05
PHP Jabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-04
Updated
2023-08-05
PHPJabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control due to improper input validation of password parameter.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-04
Updated
2023-08-05
User enumeration is found in in PHP Jabbers Time Slots Booking Calendar v3.3. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-01
Updated
2023-08-04
Improper input validation of password parameter in PHP Jabbers Time Slots Booking Calendar v 3.3 results in insecure passwords.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-08-01
Updated
2023-08-04
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionSetAmount function.
Max CVSS
9.8
EPSS Score
0.17%
Published
2021-11-05
Updated
2021-11-09