33 matches found
EUVD-2023-52252
Malicious code in bioql PyPI...
EUVD-2023-52861
Malicious code in bioql PyPI...
EUVD-2023-53998
Malicious code in bioql PyPI...
CVE-2023-48830
Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export...
CVE-2023-4112
A vulnerability was found in PHP Jabbers Shuttle Booking Software 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this...
CVE-2023-48172
A Cross Site Scripting XSS vulnerability in Shuttle Booking Software 2.0 allows a remote attacker to inject JavaScript via the name, description, title, or address parameter to index.php...
CVE-2023-48830
Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export...
CVE-2023-48830
Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export...
CVE-2023-48830
Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export...
Input validation
Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export...
CVE-2023-48172
A Cross Site Scripting XSS vulnerability in Shuttle Booking Software 2.0 allows a remote attacker to inject JavaScript via the name, description, title, or address parameter to index.php...
CVE-2023-48172
A Cross Site Scripting XSS vulnerability in Shuttle Booking Software 2.0 allows a remote attacker to inject JavaScript via the name, description, title, or address parameter to index.php...
CVE-2023-48172
A Cross Site Scripting XSS vulnerability in Shuttle Booking Software 2.0 allows a remote attacker to inject JavaScript via the name, description, title, or address parameter to index.php...
Cross site scripting
A Cross Site Scripting XSS vulnerability in Shuttle Booking Software 2.0 allows a remote attacker to inject JavaScript via the name, description, title, or address parameter to index.php...
Shuttle Booking Software Security Breach
Shuttle Booking Software is a PHP Jabbers open source shuttle booking software. A security vulnerability exists in Shuttle Booking Software version 2.0, which stems from a CSV injection vulnerability in the Languages selection function when exporting...
CVE-2023-48830
Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export...
CVE-2023-48830
Shuttle Booking Software 2.0 is affected by CVE-2023-48830 due to CSV injection in the Languages section during export. The root cause is insufficient input validation on the Unique ID field in the Reservations list used to construct CSV exports. Impact is exposure of injected content in exported...
CVE-2023-48172
A Cross Site Scripting XSS vulnerability in Shuttle Booking Software 2.0 allows a remote attacker to inject JavaScript via the name, description, title, or address parameter to index.php...
CVE-2023-48172
CVE-2023-48172 affects Shuttle Booking Software v2.0 (PHP Jabbers). The vulnerability is a Cross Site Scripting (XSS) flaw that allows a remote attacker to inject JavaScript via the name, description, title, or address parameters sent to index.php. Public exploit discussions (e.g., PacketStorm an...
PT-2023-30974 · Unknown · Shuttle Booking
Name of the Vulnerable Software and Affected Versions: Shuttle Booking Software version 2.0 Description: The issue concerns a CSV Injection vulnerability in the Languages section of the software, which can be exploited via an export. Recommendations: For Shuttle Booking Software version 2.0,...