Default credentials

2023-08-2813:15:00

PRIOn knowledge base

www.prio-n.com

phpjabbers

car rental script

remote attackers

account takeover

email address

password

verification

nvd

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.5%

JSON

In PHPJabbers Car Rental Script 3.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts.

CPENameOperatorVersion
car_rental_scripteq3.0

CPE	Name	Operator	Version
	car_rental_script	eq	3.0

References

medium.com/@mfortinsec/multiple-vulnerabilities-in-phpjabbers-part-3-40fc3565982f

www.phpjabbers.com/car-rental-script/