Lucene search
+L

65 matches found

CNNVD
CNNVD
added 2024/12/12 12:0 a.m.6 views

Code-Projects Online Class and Exam Scheduling System 注入漏洞

Code-Projects Online Class and Exam Scheduling System is an online class and exam scheduling system from Code-Projects, Inc. An injection vulnerability exists in Code-Projects Online Class and Exam Scheduling System version 1.0, which stems from a parameter id in the file /pages/roomupdate.php th...

8.8CVSS7.1AI score0.00545EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2023/08/08 3:15 p.m.4 views

CVE-2023-36136

PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user account update user page allowing an attacker to capture all user names and passwords in clear text...

6.5CVSS5.8AI score0.00233EPSS
Exploits0References4
OSV
OSV
added 2023/08/08 3:15 p.m.4 views

CVE-2023-36136

PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user account update user page allowing an attacker to capture all user names and passwords in clear text...

6.5CVSS5.8AI score0.00233EPSS
Exploits0References2
CVE
CVE
added 2023/08/08 12:0 a.m.55 views

CVE-2023-36136

The CVE affects PHPJabbers Class Scheduling System 1.0. The issue is that password handling on the update user page lacks encryption, allowing an attacker to capture all usernames and passwords in clear text. This directly impacts confidentiality and enables credential exposure without requiring ...

6.5CVSS6.4AI score0.00233EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/08/08 12:0 a.m.5 views

Class Scheduling System Security Vulnerability

Class Scheduling System is a class scheduling system by jkev individual developers. A security vulnerability exists in PHPJabbers Class Scheduling System version 1.0, which stems from a lack of password encryption when editing a user account updating a user's page, which allows an attacker to...

6.5CVSS6.9AI score0.00233EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/08/08 12:0 a.m.17 views

CVE-2023-36136

PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user account update user page allowing an attacker to capture all user names and passwords in clear text...

7AI score0.00233EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/08/04 12:15 a.m.6 views

CVE-2023-36134

In PHP Jabbers Class Scheduling System 1.0, lack of verification when changing an email address and/or password on the Profile Page allows remote attackers to take over accounts...

9.8CVSS5.8AI score0.00416EPSS
Exploits0References4
OSV
OSV
added 2023/08/04 12:15 a.m.4 views

CVE-2023-36135

User enumeration is found in in PHPJabbers Class Scheduling System v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...

7.5CVSS5.7AI score
Exploits0References2
OSV
OSV
added 2023/08/04 12:15 a.m.5 views

CVE-2023-36137

There is a Cross Site Scripting XSS vulnerability in the "theme" parameter of preview.php in PHPJabbers Class Scheduling System 1.0...

6.1CVSS5.8AI score0.00312EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/08/04 12:15 a.m.5 views

CVE-2023-36135

User enumeration is found in in PHPJabbers Class Scheduling System v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...

7.5CVSS5.7AI score0.00473EPSS
Exploits0References4
Prion
Prion
added 2023/08/04 12:15 a.m.15 views

Design/Logic Flaw

User enumeration is found in in PHPJabbers Class Scheduling System v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...

5CVSS7.5AI score0.00473EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/08/04 12:15 a.m.14 views

Cross site scripting

There is a Cross Site Scripting XSS vulnerability in the "theme" parameter of preview.php in PHPJabbers Class Scheduling System 1.0...

5.8CVSS6AI score0.00312EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/08/03 12:0 a.m.6 views

Class Scheduling System Cross-Site Scripting Vulnerability

Class Scheduling System is a class scheduling system by jkev Personal Developer. A security vulnerability exists in Class Scheduling System version 1.0 due to a cross-site scripting XSS vulnerability in the theme parameter of preview.php...

6.1CVSS5.7AI score0.00312EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/08/03 12:0 a.m.11 views

PT-2023-25447 · Phpjabbers · Phpjabbers Class Scheduling System

Name of the Vulnerable Software and Affected Versions: PHPJabbers Class Scheduling System version 1.0 Description: The issue is related to a Cross Site Scripting XSS vulnerability. This vulnerability is found in the theme parameter of the "preview.php" file. Recommendations: For PHPJabbers Class...

6.1CVSS5.8AI score0.00312EPSS
Exploits0References4
CVE
CVE
added 2023/08/03 12:0 a.m.39 views

CVE-2023-36137

CVE-2023-36137 affects PHPJabbers Class Scheduling System v1.0. The vulnerability is a Cross Site Scripting (XSS) in the theme parameter of preview.php. Root cause: untrusted input in the theme parameter can be reflected in the page, enabling script execution. According to the CVSS data, the impa...

6.1CVSS6AI score0.00312EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/08/03 12:0 a.m.5 views

Class Scheduling System Data Forgery Problem Vulnerability

Class Scheduling System is a class scheduling system by jkev Personal Developer. A security vulnerability exists in Class Scheduling System version 1.0, which stems from a lack of authentication when changing email addresses or passwords, allowing a remote attacker to take over an account...

9.8CVSS7AI score0.00416EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/08/03 12:0 a.m.6 views

PT-2023-25444 · Phpjabbers · Phpjabbers Class Scheduling System

Name of the Vulnerable Software and Affected Versions: PHP Jabbers Class Scheduling System version 1.0 Description: The issue concerns a lack of verification when changing an email address and/or password on the Profile Page, allowing remote attackers to take over accounts. Recommendations: For P...

9.8CVSS9.5AI score0.00416EPSS
Exploits0References5
CVE
CVE
added 2023/08/03 12:0 a.m.30 views

CVE-2023-36134

CVE-2023-36134 affects PHP Jabbers Class Scheduling System 1.0. The issue is a lack of verification when changing an email address and/or password on the Profile Page, enabling remote attackers to take over accounts. No exploit vectors or affected versions beyond 1.0 are specified in the provided...

9.8CVSS9.5AI score0.00416EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/08/03 12:0 a.m.32 views

CVE-2023-36135

The CVE-2023-36135 issue affects PHPJabbers Class Scheduling System v1.0. During password recovery, a difference in responses between valid and invalid usernames enables user enumeration, which can facilitate brute-forcing existing accounts. The NVD entry and related sources confirm the affected ...

7.5CVSS7.4AI score0.00473EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/08/03 12:0 a.m.31 views

CVE-2023-36137

There is a Cross Site Scripting XSS vulnerability in the "theme" parameter of preview.php in PHPJabbers Class Scheduling System 1.0...

6.2AI score0.00312EPSS
Exploits0References2
Rows per page
Query Builder