14 matches found
PHPJabbers Make an Offer Widget v1.0 - Cross-Site Scripting
There is a Cross Site Scripting XSS vulnerability in the "action" parameter of index.php in PHPJabbers Make an Offer Widget v1.0. id: CVE-2023-40752 info: name: PHPJabbers Make an Offer Widget v1.0 - Cross-Site Scripting author: ritikchaddha severity: medium description: | There is a Cross Site...
CVE-2023-40752
There is a Cross Site Scripting XSS vulnerability in the "action" parameter of index.php in PHPJabbers Make an Offer Widget v1.0...
EUVD-2023-45305
Malicious code in bioql PyPI...
CVE-2023-40767
User enumeration is found in in PHPJabbers Make an Offer Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
CVE-2023-40767
User enumeration is found in in PHPJabbers Make an Offer Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
CVE-2023-40752
There is a Cross Site Scripting XSS vulnerability in the "action" parameter of index.php in PHPJabbers Make an Offer Widget v1.0...
Cross site scripting
There is a Cross Site Scripting XSS vulnerability in the "action" parameter of index.php in PHPJabbers Make an Offer Widget v1.0...
CVE-2023-40767
User enumeration is found in in PHPJabbers Make an Offer Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
CVE-2023-40767
User enumeration is found in in PHPJabbers Make an Offer Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
CVE-2023-40752
There is a Cross Site Scripting XSS vulnerability in the "action" parameter of index.php in PHPJabbers Make an Offer Widget v1.0...
CVE-2023-40752
PHPJabbers Make an Offer Widget v1.0 is affected by a Cross-Site Scripting (XSS) vulnerability in the action parameter of index.php. The issue, confirmed across multiple sources, allows unauthenticated input in the action parameter to be reflected in the page, with user interaction required. This...
CVE-2023-40767
CVE-2023-40767 affects PHPJabbers Make an Offer Widget v1.0. The issue is user enumeration during password recovery: messages differ between valid and invalid usernames, enabling brute-forcing with valid users. Base CVSS 3.1: 9.8 (Network, High impact on confidentiality, integrity, availability)....
CVE-2023-40752
There is a Cross Site Scripting XSS vulnerability in the "action" parameter of index.php in PHPJabbers Make an Offer Widget v1.0...
PT-2023-27617 · Phpjabbers · Phpjabbers Make An Offer Widget
Name of the Vulnerable Software and Affected Versions: PHPJabbers Make an Offer Widget version 1.0 Description: There is a Cross Site Scripting XSS issue in the action parameter of the "index.php" file. This allows for potential malicious script execution. Recommendations: For PHPJabbers Make an...