Lucene search
K

84 matches found

OSV
OSV
added 2023/12/07 7:15 a.m.4 views

CVE-2023-48830

Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export...

8.8CVSS5.8AI score0.01201EPSS
Exploits2References2
NVD
NVD
added 2023/12/07 7:15 a.m.24 views

CVE-2023-48830

Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export...

8.8CVSS0.01201EPSS
Exploits2References2
Prion
Prion
added 2023/12/07 7:15 a.m.14 views

Input validation

Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export...

6.5CVSS7.4AI score0.01201EPSS
Exploits2References2Affected Software1
NVD
NVD
added 2023/12/07 6:15 a.m.30 views

CVE-2023-48172

A Cross Site Scripting XSS vulnerability in Shuttle Booking Software 2.0 allows a remote attacker to inject JavaScript via the name, description, title, or address parameter to index.php...

5.4CVSS0.00721EPSS
Exploits3References3
OSV
OSV
added 2023/12/07 6:15 a.m.8 views

CVE-2023-48172

A Cross Site Scripting XSS vulnerability in Shuttle Booking Software 2.0 allows a remote attacker to inject JavaScript via the name, description, title, or address parameter to index.php...

5.4CVSS5.8AI score0.00721EPSS
Exploits3References3
ATTACKERKB
ATTACKERKB
added 2023/12/07 6:15 a.m.2 views

CVE-2023-48172

A Cross Site Scripting XSS vulnerability in Shuttle Booking Software 2.0 allows a remote attacker to inject JavaScript via the name, description, title, or address parameter to index.php...

5.4CVSS5.8AI score0.00721EPSS
Exploits3References4
Prion
Prion
added 2023/12/07 6:15 a.m.22 views

Cross site scripting

A Cross Site Scripting XSS vulnerability in Shuttle Booking Software 2.0 allows a remote attacker to inject JavaScript via the name, description, title, or address parameter to index.php...

4.9CVSS6.1AI score0.00721EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2023/12/07 12:0 a.m.35 views

CVE-2023-48172

A Cross Site Scripting XSS vulnerability in Shuttle Booking Software 2.0 allows a remote attacker to inject JavaScript via the name, description, title, or address parameter to index.php...

5.4AI score0.00721EPSS
Exploits3References3
CVE
CVE
added 2023/12/07 12:0 a.m.38 views

CVE-2023-48830

Shuttle Booking Software 2.0 is affected by CVE-2023-48830 due to CSV injection in the Languages section during export. The root cause is insufficient input validation on the Unique ID field in the Reservations list used to construct CSV exports. Impact is exposure of injected content in exported...

8.8CVSS8.7AI score0.01201EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2023/12/07 12:0 a.m.55 views

CVE-2023-48172

CVE-2023-48172 affects Shuttle Booking Software v2.0 (PHP Jabbers). The vulnerability is a Cross Site Scripting (XSS) flaw that allows a remote attacker to inject JavaScript via the name, description, title, or address parameters sent to index.php. Public exploit discussions (e.g., PacketStorm an...

5.4CVSS5.2AI score0.00721EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2023/12/07 12:0 a.m.28 views

CVE-2023-48830

Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export...

9AI score0.01201EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/12/07 12:0 a.m.5 views

Shuttle Booking Software Security Breach

Shuttle Booking Software is a PHP Jabbers open source shuttle booking software. A security vulnerability exists in Shuttle Booking Software version 2.0, which stems from a CSV injection vulnerability in the Languages selection function when exporting...

8.8CVSS8.8AI score0.01201EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2023/12/06 12:0 a.m.4 views

PT-2023-30974 · Unknown · Shuttle Booking

Name of the Vulnerable Software and Affected Versions: Shuttle Booking Software version 2.0 Description: The issue concerns a CSV Injection vulnerability in the Languages section of the software, which can be exploited via an export. Recommendations: For Shuttle Booking Software version 2.0,...

8.8CVSS8.7AI score0.01201EPSS
Exploits2References4
Packet Storm
Packet Storm
added 2023/12/04 12:0 a.m.468 views

PHPJabbers Shuttle Booking Software 2.0 CSV Injection

Exploit Title: PHPJabbers Shuttle Booking Software v2.0 - CSV Injection Date: 19/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/shuttle-booking-software/ Version: v2.0 Tested on: Windows 10...

7.4AI score0.01201EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/11/20 12:0 a.m.426 views

Shuttle Booking Software 2.0 Cross Site Scripting

Exploit Title: Shuttle Booking Software v2.0 - Multiple Stored Cross-Site Scripting Authenticated Date: 09/11/2023 Exploit Author: BugsBD Security Researcher Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/shuttle-booking-software/ Software Link:...

7.5AI score0.00721EPSS
Exploits3
CNNVD
CNNVD
added 2023/11/20 12:0 a.m.4 views

Shuttle Booking Software Cross-Site Scripting Vulnerability

Shuttle Booking Software is a PHP Jabbers open source shuttle booking software. A cross-site scripting vulnerability exists in version 2.0 of Shuttle Booking Software. A remote attacker can use this vulnerability to execute arbitrary code via the name, description, title and address parameters in...

5.4CVSS7AI score0.00721EPSS
Exploits3References5
ATTACKERKB
ATTACKERKB
added 2023/10/12 4:15 p.m.9 views

CVE-2023-43147

PHPJabbers Limo Booking Software 1.0 is vulnerable to Cross Site Request Forgery CSRF to add an admin user via the Add Users Function, aka an index.php?controller=pjAdminUsers&action=pjActionCreate URI...

8.8CVSS7.2AI score0.00487EPSS
Exploits2References3
OSV
OSV
added 2023/10/12 4:15 p.m.5 views

CVE-2023-43147

PHPJabbers Limo Booking Software 1.0 is vulnerable to Cross Site Request Forgery CSRF to add an admin user via the Add Users Function, aka an index.php?controller=pjAdminUsers&action=pjActionCreate URI...

8.8CVSS5.8AI score0.00486EPSS
Exploits1References1
Prion
Prion
added 2023/10/12 4:15 p.m.23 views

Cross site request forgery (csrf)

PHPJabbers Limo Booking Software 1.0 is vulnerable to Cross Site Request Forgery CSRF to add an admin user via the Add Users Function, aka an index.php?controller=pjAdminUsers&action=pjActionCreate URI...

6.8CVSS8.8AI score0.00486EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/12 12:0 a.m.9 views

PT-2023-28717 · Phpjabbers · Phpjabbers Limo Booking

Name of the Vulnerable Software and Affected Versions: PHPJabbers Limo Booking Software version 1.0 Description: The issue allows for Cross Site Request Forgery CSRF to add an admin user via the Add Users Function. This can be achieved through the...

8.8CVSS8.8AI score0.00486EPSS
Exploits1References4
Rows per page
Query Builder