5 matches found
CVE-2023-48827
Time Slots Booking Calendar 4.0 is vulnerable to Multiple HTML Injection issues via the name, pluginsmsapikey, pluginsmscountrycode, calendarid, title, country name, or customername parameter...
Design/Logic Flaw
A lack of rate limiting in pjActionAJaxSend in Time Slots Booking Calendar 4.0 allows attackers to cause resource exhaustion...
Cross site scripting
Time Slots Booking Calendar 4.0 is vulnerable to Multiple Stored Cross-Site Scripting XSS issues via the name, pluginsmsapikey, pluginsmscountrycode, calendarid, title, country name, or customername parameter...
CVE-2023-48827
CVE-2023-48827 affects PHPJabbers Time Slots Booking Calendar 4.0. The vulnerability is an HTML injection (XSS) flaw caused by insufficient sanitization in multiple parameters (name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, customer_name). Impact is web-page ...
PT-2023-30972 · Unknown · Time Slots Booking Calendar
Name of the Vulnerable Software and Affected Versions: Time Slots Booking Calendar version 4.0 Description: The issue concerns Multiple Stored Cross-Site Scripting XSS problems. These issues can be exploited via several parameters, including name, plugin sms api key, plugin sms country code,...