Lucene search
K

5 matches found

NVD
NVD
added 2023/12/07 7:15 a.m.23 views

CVE-2023-48827

Time Slots Booking Calendar 4.0 is vulnerable to Multiple HTML Injection issues via the name, pluginsmsapikey, pluginsmscountrycode, calendarid, title, country name, or customername parameter...

5.4CVSS0.00465EPSS
Exploits2References2
Prion
Prion
added 2023/12/07 7:15 a.m.22 views

Design/Logic Flaw

A lack of rate limiting in pjActionAJaxSend in Time Slots Booking Calendar 4.0 allows attackers to cause resource exhaustion...

5CVSS7AI score0.01051EPSS
Exploits2References2Affected Software1
Prion
Prion
added 2023/12/07 7:15 a.m.12 views

Cross site scripting

Time Slots Booking Calendar 4.0 is vulnerable to Multiple Stored Cross-Site Scripting XSS issues via the name, pluginsmsapikey, pluginsmscountrycode, calendarid, title, country name, or customername parameter...

4.9CVSS5.9AI score0.00465EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2023/12/07 12:0 a.m.38 views

CVE-2023-48827

CVE-2023-48827 affects PHPJabbers Time Slots Booking Calendar 4.0. The vulnerability is an HTML injection (XSS) flaw caused by insufficient sanitization in multiple parameters (name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, customer_name). Impact is web-page ...

5.4CVSS5.7AI score0.00465EPSS
Exploits2References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/06 12:0 a.m.6 views

PT-2023-30972 · Unknown · Time Slots Booking Calendar

Name of the Vulnerable Software and Affected Versions: Time Slots Booking Calendar version 4.0 Description: The issue concerns Multiple Stored Cross-Site Scripting XSS problems. These issues can be exploited via several parameters, including name, plugin sms api key, plugin sms country code,...

5.4CVSS5.3AI score0.00465EPSS
Exploits2References4
Rows per page
Query Builder