27 matches found
PHPJabbers Food Delivery Script v3.0 - SQL Injection
PHPJabbers Food Delivery Script v3.0 is vulnerable to SQL Injection in the "column" parameter of index.php. id: CVE-2023-40749 info: name: PHPJabbers Food Delivery Script v3.0 - SQL Injection author: ritikchaddha severity: critical description: | PHPJabbers Food Delivery Script v3.0 is vulnerable...
VulnCheck KEV: CVE-2023-40748
PHPJabbers Food Delivery Script 3.0 has a SQL injection SQLi vulnerability in the "q" parameter of index.php...
CVE-2023-40757
User enumeration is found in PHPJabbers Food Delivery Script v3.1. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
CVE-2023-40748
PHPJabbers Food Delivery Script 3.0 has a SQL injection SQLi vulnerability in the "q" parameter of index.php...
CVE-2023-40749
PHPJabbers Food Delivery Script v3.0 is vulnerable to SQL Injection in the "column" parameter of index.php...
CVE-2023-40757
User enumeration is found in PHPJabbers Food Delivery Script v3.1. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
CVE-2023-40757
User enumeration is found in PHPJabbers Food Delivery Script v3.1. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
CVE-2023-40757
User enumeration is found in PHPJabbers Food Delivery Script v3.1. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
CVE-2023-40748
PHPJabbers Food Delivery Script 3.0 has a SQL injection SQLi vulnerability in the "q" parameter of index.php...
CVE-2023-40749
PHPJabbers Food Delivery Script v3.0 is vulnerable to SQL Injection in the "column" parameter of index.php...
CVE-2023-40749
PHPJabbers Food Delivery Script v3.0 is vulnerable to SQL Injection in the "column" parameter of index.php...
CVE-2023-40748
PHPJabbers Food Delivery Script 3.0 has a SQL injection SQLi vulnerability in the "q" parameter of index.php...
CVE-2023-40749
PHPJabbers Food Delivery Script v3.0 is vulnerable to SQL Injection in the "column" parameter of index.php...
CVE-2023-40748
PHPJabbers Food Delivery Script 3.0 has a SQL injection SQLi vulnerability in the "q" parameter of index.php...
Design/Logic Flaw
User enumeration is found in PHPJabbers Food Delivery Script v3.1. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
Sql injection
PHPJabbers Food Delivery Script 3.0 has a SQL injection SQLi vulnerability in the "q" parameter of index.php...
Sql injection
PHPJabbers Food Delivery Script v3.0 is vulnerable to SQL Injection in the "column" parameter of index.php...
CVE-2023-40757
The CVE-2023-40757 entry concerns PHPJabbers Food Delivery Script v3.1. The vulnerability is a user-enumeration flaw in the password-recovery flow: an attacker can distinguish between valid and invalid usernames based on response messages, enabling brute-forcing valid user accounts. Affected soft...
CVE-2023-40749
PHPJabbers Food Delivery Script v3.0 is affected by an SQL injection in the column parameter of index.php. The underlying cause is unsanitized input (CWE-89), enabling unauthenticated attackers to potentially extract sensitive data. Impact and risk are described as high (NVD/Nuclei notes). Remedi...
CVE-2023-40757
User enumeration is found in PHPJabbers Food Delivery Script v3.1. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...