Lucene search
K

9 matches found

NVD
NVD
added 2026/06/24 7:16 a.m.22 views

CVE-2026-12416

The Invoice Generator plugin for WordPress is vulnerable to Account Takeover via Password Reset in all versions up to, and including, 1.0.0. This is due to the pravelinvoicechangepassword function being registered as a nopriv AJAX handler with no nonce verification and no authorization check, and...

9.8CVSS0.00364EPSS
Exploits1References4
OSV
OSV
added 2025/02/19 9:15 p.m.5 views

CVE-2023-51301

A lack of rate limiting in the "Login Section, Forgot Email" feature of PHPJabbers Hotel Booking System v4.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service DoS via a large amount of generated e-mail messages...

7.5CVSS5.8AI score0.00679EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2025/02/19 12:0 a.m.5 views

PT-2025-7286 · Phpjabbers · Phpjabbers Hotel Booking System

Name of the Vulnerable Software and Affected Versions: PHPJabbers Hotel Booking System version 4.0 Description: A lack of rate limiting in the "Login Section, Forgot Email" feature allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial o...

7.5CVSS6.9AI score0.00679EPSS
Exploits2References9
CNNVD
CNNVD
added 2025/02/19 12:0 a.m.3 views

PHPJabbers Hotel Booking System 安全漏洞

PHPJabbers Hotel Booking System is a hotel booking system from PHPJabbers, Inc. A security vulnerability exists in PHPJabbers Hotel Booking System version 4.0, which originates from a denial of service due to a lack of rate limiting in the Login Section and Forgot Email functionality...

7.5CVSS6.5AI score0.00679EPSS
Exploits2References3
Packet Storm
Packet Storm
added 2024/01/11 12:0 a.m.370 views

PHPJabbers Cinema Booking System 1.0 Missing Rate Limiting

Exploit Title: PHPJabbers Cinema Booking System v1.0 - No Rate Limit Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/cinema-booking-system/sectionDemo Version: v1.0 Tested on: Windo...

7.4AI score0.00538EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/01/11 12:0 a.m.369 views

PHPJabbers Event Ticketing System 1.0 Missing Rate Limiting

Exploit Title: PHPJabbers Event Ticketing System v1.0 - No Rate Limit Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/meeting-room-booking-system/sectionDemo Version: v1.0 Tested on...

7.4AI score0.00614EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/01/11 12:0 a.m.306 views

PHPJabbers Cleaning Business Software 1.0 Missing Rate Limiting

Exploit Title: PHPJabbers Cleaning Business Software v1.0 - No Rate Limit Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/cleaning-business-software/sectionDemo Version: v1.0 Tested...

7.4AI score0.00425EPSS
Exploits3
CNVD
CNVD
added 2021/01/04 12:0 a.m.1 views

Seo Panel Cross-Site Scripting Vulnerability (CNVD-2021-01543)

SEO Panel is a free, open source SEO optimization software. A reflective cross-site scripting vulnerability exists in Seo Panel 4.8.0. An attacker can exploit this vulnerability via the seo/seopanel/login.php?sec=forgot email parameter to conduct a cross-site scripting attack...

6.1CVSS6.2AI score0.04278EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/01/01 12:0 a.m.5 views

SEO Panel 跨站脚本漏洞

SEO Panel is a free, open source SEO optimization software. A reflective cross-site scripting vulnerability exists in Seo Panel 4.8.0. An attacker can exploit this vulnerability via the seo/seopanel/login.php?sec=forgot email parameter to conduct a cross-site scripting attack...

6.1CVSS6.2AI score0.04278EPSS
Exploits1References3
Rows per page
Query Builder