28 matches found
CVE-2023-40755
There is a Cross Site Scripting XSS vulnerability in the "theme" parameter of preview.php in PHPJabbers Callback Widget v1.0...
EUVD-2023-40283
Malicious code in bioql PyPI...
EUVD-2023-45309
Malicious code in bioql PyPI...
EUVD-2023-40282
Malicious code in bioql PyPI...
EUVD-2023-40280
Malicious code in bioql PyPI...
EUVD-2023-45308
Malicious code in bioql PyPI...
CVE-2023-36315
There is a Cross Site Scripting XSS vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0...
CVE-2023-40756
User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
CVE-2023-40756
User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
Design/Logic Flaw
User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
Cross site scripting
There is a Cross Site Scripting XSS vulnerability in the "theme" parameter of preview.php in PHPJabbers Callback Widget v1.0...
CVE-2023-40756
User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
PHPJabbers Callback Widget 安全漏洞
PHPJabbers Callback Widget is a simple PHP script that places a discreet callback button on a website. A security vulnerability exists in version v1.0 of the PHPJabbers Callback Widget that stems from a user enumeration vulnerability when resetting a password...
CVE-2023-40755
CVE-2023-40755 affects PHPJabbers Callback Widget v1.0, with an XSS vulnerability in the theme parameter of preview.php. The issue allows unauthenticated attackers to inject JavaScript through theme, potentially stealing administrator credentials or manipulating callback requests. The root cause ...
CVE-2023-36314
There is a Cross Site Scripting XSS vulnerability in the value-text-osmsemailrequestmessage parameters of index.php in PHPJabbers Callback Widget v1.0...
CVE-2023-36312
There is a Cross Site Scripting XSS vulnerability in the value-enum-obfincludetimezone parameter of index.php in PHPJabbers Callback Widget v1.0...
CVE-2023-36315
There is a Cross Site Scripting XSS vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0...
CVE-2023-36312
There is a Cross Site Scripting XSS vulnerability in the value-enum-obfincludetimezone parameter of index.php in PHPJabbers Callback Widget v1.0...
Cross site scripting
There is a Cross Site Scripting XSS vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0...
Callback Widget Cross-Site Scripting Vulnerability
PHPJabbers Callback Widget is a simple PHP script that places a discreet callback button on a website. A cross-site scripting vulnerability exists in PHPJabbers Callback Widget version v1.0, which stems from cross-site scripting XSS in the value-text-osmsemailrequestmessage parameter of ndex.php...