5 matches found
CVE-2023-48207
Availability Booking Calendar 5.0 allows CSV injection via the unique ID field in the Reservations list component...
CVE-2023-48207
Availability Booking Calendar 5.0 allows CSV injection via the unique ID field in the Reservations list component...
CVE-2023-48207
Availability Booking Calendar 5.0 allows CSV injection via the unique ID field in the Reservations list component...
CVE-2023-48207
CVE-2023-48207 affects PHPJabbers Availability Booking Calendar version 5.0. The vulnerability arises from insufficient input validation in the unique ID field used to build CSV exports from the Reservations list component, enabling CSV injection. Public sources describe potential remote code exe...
PHPJabbers Availability Booking Calendar 5.0 CSV Injection Vulnerability
Exploit Title: PHPJabbers Availability Booking Calendar v5.0 - CSV Injection Exploit Author: BugsBD Security Researcher Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/availability-booking-calendar/sectionDemo Version: v5.0 Tested on: Windows...