21 matches found
EUVD-2014-1082
Malware in sbrugna...
EUVD-2023-40106
Malicious code in bioql PyPI...
EUVD-2023-40105
Malicious code in bioql PyPI...
CVE-2023-36127
User enumeration is found in in PHPJabbers Appointment Scheduler 3.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
CVE-2020-35416
Multiple cross-site scripting XSS vulnerabilities exist in PHPJabbers Appointment Scheduler 2.3, in the index.php admin login webpage with different request parameters, allows remote attackers to inject arbitrary web script or HTML...
Appointment Scheduler Security Vulnerability
PHPJabbers Appointment Scheduler is a Php-based appointment scheduler plugin for planning time and booking meeting schedules from PHPJabbers Serbia. A security vulnerability exists in Appointment Scheduler version 3.0, which stems from a stored cross-site scripting XSS vulnerability in several...
PHPJabbers Appointment Scheduler 3.0 HTML Injection
Exploit Title: PHPJabbers Appointment Scheduler v3.0 - Multiple HTML Injection Date: 19/11/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/appointment-scheduler/ Version: v3.0 Tested on: Window...
CVE-2023-36126
There is a Cross Site Scripting XSS vulnerability in the "theme" parameter of preview.php in PHPJabbers Appointment Scheduler v3.0...
Design/Logic Flaw
User enumeration is found in in PHPJabbers Appointment Scheduler 3.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
CVE-2023-36127
User enumeration is found in in PHPJabbers Appointment Scheduler 3.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
PHPJabbers Appointment Scheduler Security Vulnerability
PHPJabbers Appointment Scheduler is a Php-based appointment scheduler plugin for planning time and booking meeting schedules from PHPJabbers Serbia. A security vulnerability exists in PHPJabbers Appointment Scheduler version v3.0, which stems from a discrepancy in messages that could allow an...
PT-2023-25439 · Phpjabbers · Phpjabbers Appointment Scheduler
Name of the Vulnerable Software and Affected Versions: PHPJabbers Appointment Scheduler version 3.0 Description: The issue is related to user enumeration, which occurs during the password recovery process. A difference in messages could allow an attacker to determine if a user is valid or not,...
CVE-2023-36126
There is a Cross Site Scripting XSS vulnerability in the "theme" parameter of preview.php in PHPJabbers Appointment Scheduler v3.0...
The vulnerability of the PHPJabbers Appointment Scheduler scheduler, related to the lack of protective measures for the website structure, allows attackers to carry out cross-site scripting attacks.
The vulnerability of the PHPJabbers Appointment Scheduler scheduler is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
CVE-2020-35416
Multiple cross-site scripting XSS vulnerabilities exist in PHPJabbers Appointment Scheduler 2.3, in the index.php admin login webpage with different request parameters, allows remote attackers to inject arbitrary web script or HTML...
PHPJabbers Appointment Scheduler 2.3 Cross Site Scripting
Exploit Title: PHPJabbers Appointment Scheduler 2.3 - Reflected XSS Cross-Site Scripting Date: 2020-12-14 Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.phpjabbers.com Software Link: https://www.phpjabbers.com/appointment-scheduler Version: 2.3 Tested on: Latest Version of Deskto...
Phpjabbers Appointment Scheduler 跨站脚本漏洞
Phpjabbers Appointment Scheduler is a Php-based appointment scheduler plugin for planning time and scheduling meetings from Phpjabbers Serbia. PHPJabbers Appointment Scheduler 2.3 is vulnerable to a cross-site scripting vulnerability that originates in the index.php administrative login page with...
PT-2020-6157 · Phpjabbers · Phpjabbers Appointment Scheduler
Name of the Vulnerable Software and Affected Versions: PHPJabbers Appointment Scheduler version 2.3 Description: The issue is related to cross-site scripting XSS vulnerabilities in the admin login webpage of the PHPJabbers Appointment Scheduler. These vulnerabilities allow remote attackers to...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in PHPJabbers Appointment Scheduler 2.0 allow remote attackers to hijack the authentication of administrators for requests that 1 conduct cross-site scripting XSS attacks via the i18n1name parameter in a pjActionCreate action to the...
CVE-2014-10001
Multiple cross-site request forgery CSRF vulnerabilities in PHPJabbers Appointment Scheduler 2.0 allow remote attackers to hijack the authentication of administrators for requests that 1 conduct cross-site scripting XSS attacks via the i18n1name parameter in a pjActionCreate action to the...