PHPJabbers Callback Widget v1.0 - Cross-Site Scripting

There is a Cross Site Scripting XSS vulnerability in the "theme" parameter of preview.php in PHPJabbers Callback Widget v1.0. id: CVE-2023-40755 info: name: PHPJabbers Callback Widget v1.0 - Cross-Site Scripting author: ritikchaddha severity: medium description: | There is a Cross Site Scripting...

CVE-2023-40755

There is a Cross Site Scripting XSS vulnerability in the "theme" parameter of preview.php in PHPJabbers Callback Widget v1.0...

EUVD-2023-40280

Malicious code in bioql PyPI...

EUVD-2023-40282

Malicious code in bioql PyPI...

EUVD-2023-45308

Malicious code in bioql PyPI...

EUVD-2023-45309

Malicious code in bioql PyPI...

EUVD-2023-40283

Malicious code in bioql PyPI...

CVE-2023-36314

There is a Cross Site Scripting XSS vulnerability in the value-text-osmsemailrequestmessage parameters of index.php in PHPJabbers Callback Widget v1.0...

CVE-2023-36315

There is a Cross Site Scripting XSS vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0...

CVE-2023-40756

User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...

CVE-2023-40756

User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...

CVE-2023-40756

User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...

CVE-2023-40755

There is a Cross Site Scripting XSS vulnerability in the "theme" parameter of preview.php in PHPJabbers Callback Widget v1.0...

CVE-2023-40755

There is a Cross Site Scripting XSS vulnerability in the "theme" parameter of preview.php in PHPJabbers Callback Widget v1.0...

CVE-2023-40755

There is a Cross Site Scripting XSS vulnerability in the "theme" parameter of preview.php in PHPJabbers Callback Widget v1.0...

Cross site scripting

There is a Cross Site Scripting XSS vulnerability in the "theme" parameter of preview.php in PHPJabbers Callback Widget v1.0...

Design/Logic Flaw

User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...

CVE-2023-40755

There is a Cross Site Scripting XSS vulnerability in the "theme" parameter of preview.php in PHPJabbers Callback Widget v1.0...

CVE-2023-40756

PHPJabbers Callback Widget v1.0 is affected by a user-enumeration vulnerability during password recovery, where differing response messages may reveal whether a user exists, enabling brute-force attempts with valid accounts. The NVD lists CVSS 3.1 base score 9.8 (CRITICAL) with network attack vec...

PHPJabbers Callback Widget 安全漏洞

PHPJabbers Callback Widget is a simple PHP script that places a discreet callback button on a website. A security vulnerability exists in version v1.0 of the PHPJabbers Callback Widget that stems from a user enumeration vulnerability when resetting a password...