84 matches found
EUVD-2023-52252
Malicious code in bioql PyPI...
EUVD-2023-54000
Malicious code in bioql PyPI...
PT-2025-23557 · Unknown · Booking/Rental Manager
Name of the Vulnerable Software and Affected Versions: Booking and Rental Manager versions 2.3.8 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For versions 2.3.8 and...
CVE-2023-48830
Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export...
CVE-2023-4112
A vulnerability was found in PHP Jabbers Shuttle Booking Software 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this...
CVE-2023-48172
A Cross Site Scripting XSS vulnerability in Shuttle Booking Software 2.0 allows a remote attacker to inject JavaScript via the name, description, title, or address parameter to index.php...
CVE-2025-47498
CVE-2025-47498 affects WordPress Hotel Booking (Hotel Booking plugin) versions n/a through 3.6 and is a Local File Inclusion due to improper filename control in PHP include/require statements. The CVSS v3.1 base score is 7.5 (HIGH) with network, high exploit complexity, low privileges, and no use...
WordPress Hotel + Bed and Breakfast Booking Calendar Theme | Bellevue Theme <= 4.2.2 is vulnerable to Broken Access Control
Software Hotel + Bed and Breakfast Booking Calendar Theme | Bellevue Type Theme Vulnerable versions = 4.2.2 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2025-39398 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...
CVE-2023-51321
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Night Club Booking Software v1.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service DoS via a large amount of generated e-mail messages...
CVE-2023-51320
PHPJabbers Night Club Booking Software v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV...
CVE-2023-51321
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Night Club Booking Software v1.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service DoS via a large amount of generated e-mail messages...
CVE-2023-51320
PHPJabbers Night Club Booking Software v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV...
CVE-2023-51321
CVE-2023-51321 describes a missing rate limit in the Forgot Password/Forgot Email flow of PHPJabbers Night Club Booking Software v1.0, enabling an attacker to trigger a high volume of email messages to a legitimate user and potentially cause a Denial of Service. The affected product is PHPJabbers...
CVE-2023-51321
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Night Club Booking Software v1.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service DoS via a large amount of generated e-mail messages...
CVE-2023-51321
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Night Club Booking Software v1.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service DoS via a large amount of generated e-mail messages...
CVE-2024-32125
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Booking Algorithms BA Book Everything.This issue affects BA Book Everything: from n/a through 1.6.4...
PHPJabbers Night Club Booking Software 1.0 CSV Injection
Exploit Title: PHPJabbers Night Club Booking Software v1.0 - CSV Injection Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/night-club-booking-software/sectionDemo Version: v1.0 Test...
Night Club Booking Software Security Breach
Night Club Booking Software is a PHPJabbers open source night club booking software. A security vulnerability exists in Night Club Booking Software version 1.0, which stems from a lost rate limit vulnerability...
PHPJabbers Night Club Booking Software 1.0 Missing Rate Limiting
Exploit Title: PHPJabbers Night Club Booking Software v1.0 - No Rate Limit Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/night-club-booking-software/sectionDemo Version: v1.0 Test...
CVE-2023-48830
Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export...