52 matches found
CVE-2023-40755
There is a Cross Site Scripting XSS vulnerability in the "theme" parameter of preview.php in PHPJabbers Callback Widget v1.0...
CVE-2023-40755
CVE-2023-40755 affects PHPJabbers Callback Widget v1.0, with an XSS vulnerability in the theme parameter of preview.php. The issue allows unauthenticated attackers to inject JavaScript through theme, potentially stealing administrator credentials or manipulating callback requests. The root cause ...
PHPJabbers Callback Widget 安全漏洞
PHPJabbers Callback Widget is a simple PHP script that places a discreet callback button on a website. A security vulnerability exists in version v1.0 of the PHPJabbers Callback Widget that stems from a user enumeration vulnerability when resetting a password...
PT-2023-27620 · Phpjabbers · Phpjabbers Callback Widget
Name of the Vulnerable Software and Affected Versions: PHPJabbers Callback Widget version 1.0 Description: There is a Cross Site Scripting XSS vulnerability in the theme parameter of the "preview.php" file. This issue allows for malicious script execution. Recommendations: For PHPJabbers Callback...
CVE-2023-40756
PHPJabbers Callback Widget v1.0 is affected by a user-enumeration vulnerability during password recovery, where differing response messages may reveal whether a user exists, enabling brute-force attempts with valid accounts. The NVD lists CVSS 3.1 base score 9.8 (CRITICAL) with network attack vec...
CVE-2023-36314
There is a Cross Site Scripting XSS vulnerability in the value-text-osmsemailrequestmessage parameters of index.php in PHPJabbers Callback Widget v1.0...
CVE-2023-36315
There is a Cross Site Scripting XSS vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0...
CVE-2023-36314
There is a Cross Site Scripting XSS vulnerability in the value-text-osmsemailrequestmessage parameters of index.php in PHPJabbers Callback Widget v1.0...
CVE-2023-36314
There is a Cross Site Scripting XSS vulnerability in the value-text-osmsemailrequestmessage parameters of index.php in PHPJabbers Callback Widget v1.0...
CVE-2023-36312
There is a Cross Site Scripting XSS vulnerability in the value-enum-obfincludetimezone parameter of index.php in PHPJabbers Callback Widget v1.0...
CVE-2023-36312
There is a Cross Site Scripting XSS vulnerability in the value-enum-obfincludetimezone parameter of index.php in PHPJabbers Callback Widget v1.0...
CVE-2023-36312
There is a Cross Site Scripting XSS vulnerability in the value-enum-obfincludetimezone parameter of index.php in PHPJabbers Callback Widget v1.0...
CVE-2023-36315
There is a Cross Site Scripting XSS vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0...
CVE-2023-36315
There is a Cross Site Scripting XSS vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0...
Cross site scripting
There is a Cross Site Scripting XSS vulnerability in the value-enum-obfincludetimezone parameter of index.php in PHPJabbers Callback Widget v1.0...
Cross site scripting
There is a Cross Site Scripting XSS vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0...
Cross site scripting
There is a Cross Site Scripting XSS vulnerability in the value-text-osmsemailrequestmessage parameters of index.php in PHPJabbers Callback Widget v1.0...
CVE-2023-36315
There is a Cross Site Scripting XSS vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0...
Callback Widget Cross-Site Scripting Vulnerability
PHPJabbers Callback Widget is a simple PHP script that places a discreet callback button on a website. A cross-site scripting vulnerability exists in PHPJabbers Callback Widget version v1.0, which stems from cross-site scripting XSS in the value-text-osmsemailrequestmessage parameter of ndex.php...
CVE-2023-36312
There is a Cross Site Scripting XSS vulnerability in the value-enum-obfincludetimezone parameter of index.php in PHPJabbers Callback Widget v1.0...