Search Results (Refine Search)
- Keyword (text search): PHP
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-36141 |
User enumeration is found in in PHPJabbers Cleaning Business Software 1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users. Published: August 03, 2023; 8:15:13 PM -0400 |
V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2023-36139 |
In PHPJabbers Cleaning Business Software 1.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts. Published: August 03, 2023; 8:15:13 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-36138 |
PHPJabbers Cleaning Business Software 1.0 is vulnerable to Cross Site Scripting (XSS) via the theme parameter of preview.php. Published: August 03, 2023; 8:15:12 PM -0400 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-36137 |
There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Class Scheduling System 1.0. Published: August 03, 2023; 8:15:12 PM -0400 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-36135 |
User enumeration is found in in PHPJabbers Class Scheduling System v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users. Published: August 03, 2023; 8:15:12 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-36134 |
In PHP Jabbers Class Scheduling System 1.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts. Published: August 03, 2023; 8:15:12 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-36133 |
PHPJabbers Availability Booking Calendar 5.0 is vulnerable to User Account Takeover through username/password change. Published: August 03, 2023; 8:15:12 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-36132 |
PHP Jabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control. Published: August 03, 2023; 8:15:12 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-36131 |
PHPJabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control due to improper input validation of password parameter. Published: August 03, 2023; 8:15:11 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-38947 |
An arbitrary file upload vulnerability in the /languages/install.php component of WBCE CMS v1.6.1 allows attackers to execute arbitrary code via a crafted PHP file. Published: August 03, 2023; 12:15:12 PM -0400 |
V3.1: 7.2 HIGH V2.0:(not available) |
CVE-2023-4117 |
A vulnerability, which was classified as problematic, has been found in PHP Jabbers Rental Property Booking 2.0. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument index leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-235964. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: August 03, 2023; 4:15:10 AM -0400 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-4116 |
A vulnerability classified as problematic was found in PHP Jabbers Taxi Booking 2.0. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument index leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-235963. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: August 03, 2023; 3:15:13 AM -0400 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-4115 |
A vulnerability classified as problematic has been found in PHP Jabbers Cleaning Business 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument index leads to cross site scripting. It is possible to launch the attack remotely. VDB-235962 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: August 03, 2023; 2:15:10 AM -0400 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-4114 |
A vulnerability was found in PHP Jabbers Night Club Booking Software 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /index.php. The manipulation of the argument index leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-235961 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: August 03, 2023; 2:15:10 AM -0400 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-4113 |
A vulnerability was found in PHP Jabbers Service Booking Script 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument index leads to cross site scripting. The attack can be initiated remotely. The identifier of this vulnerability is VDB-235960. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: August 03, 2023; 1:15:10 AM -0400 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-4112 |
A vulnerability was found in PHP Jabbers Shuttle Booking Software 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-235959. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: August 03, 2023; 1:15:10 AM -0400 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-4111 |
A vulnerability was found in PHP Jabbers Bus Reservation System 1.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument index/pickup_id leads to cross site scripting. The attack may be launched remotely. VDB-235958 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: August 03, 2023; 12:15:10 AM -0400 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-4110 |
A vulnerability has been found in PHP Jabbers Availability Booking Calendar 5.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument session_id leads to cross site scripting. The attack can be launched remotely. The identifier VDB-235957 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: August 02, 2023; 11:15:10 PM -0400 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-36212 |
File Upload vulnerability in Total CMS v.1.7.4 allows a remote attacker to execute arbitrary code via a crafted PHP file to the edit page function. Published: August 02, 2023; 10:15:09 PM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2023-36118 |
Cross Site Scripting vulnerability in Faculty Evaulation System using PHP/MySQLi v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the page parameter. Published: August 01, 2023; 7:15:30 PM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |