17 matches found
CVE-2023-51336
PHPJabbers Meeting Room Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV...
CVE-2023-51320
PHPJabbers Night Club Booking Software v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV...
CVE-2023-51298
PHPJabbers Event Booking Calendar v4.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file...
CVE-2023-48841
Appointment Scheduler 3.0 is vulnerable to CSV Injection via a Language Labels Export action...
CVE-2023-48841
Appointment Scheduler 3.0 is vulnerable to CSV Injection via a Language Labels Export action...
CVE-2023-48841
Appointment Scheduler 3.0 is vulnerable to CSV Injection via a Language Labels Export action...
CVE-2023-48835
Car Rental Script v3.0 is vulnerable to CSV Injection via a Language Labels Export action...
CVE-2023-48835
Car Rental Script v3.0 is vulnerable to CSV Injection via a Language Labels Export action...
Input validation
Appointment Scheduler 3.0 is vulnerable to CSV Injection via a Language Labels Export action...
Input validation
Car Rental Script v3.0 is vulnerable to CSV Injection via a Language Labels Export action...
PT-2023-30984 · Unknown · Appointment Scheduler
Name of the Vulnerable Software and Affected Versions: Appointment Scheduler version 3.0 Description: The issue concerns a CSV Injection vulnerability via the Language Labels Export action. This allows for potential code execution. Recommendations: For Appointment Scheduler version 3.0, update to...
CVE-2023-48835
Car Rental Script v3.0 is vulnerable to CSV Injection via a Language Labels Export action...
CVE-2023-48841
CVE-2023-48841 affects PHPJabbers Appointment Scheduler 3.0. The vulnerability is a CSV injection in the Language > Labels > Export action, caused by insufficient input validation on the Unique ID field used to construct the CSV file. Impact is described as high (C/H/I/H/A/H) per CVSS data,...
Car Rental Script Security Vulnerability
Car Rental Script is an open source vehicle rental script from GZ Script. A security vulnerability exists in Car Rental v3.0, which originates from a CSV injection vulnerability in the Language Labels Export operation...
CVE-2023-48841
Appointment Scheduler 3.0 is vulnerable to CSV Injection via a Language Labels Export action...
PT-2023-30978 · Unknown · Car Rental Script
Name of the Vulnerable Software and Affected Versions: Car Rental Script version 3.0 Description: The issue concerns a CSV Injection vulnerability. It can be exploited via the Language Labels Export action. Recommendations: For Car Rental Script version 3.0, consider disabling the Export action i...
CVE-2023-48841
Appointment Scheduler 3.0 is vulnerable to CSV Injection via a Language Labels Export action...