28 matches found
CVE-2023-40755
There is a Cross Site Scripting XSS vulnerability in the "theme" parameter of preview.php in PHPJabbers Callback Widget v1.0...
EUVD-2023-40280
Malicious code in bioql PyPI...
EUVD-2023-40282
Malicious code in bioql PyPI...
EUVD-2023-45308
Malicious code in bioql PyPI...
EUVD-2023-45309
Malicious code in bioql PyPI...
EUVD-2023-40283
Malicious code in bioql PyPI...
CVE-2023-36315
There is a Cross Site Scripting XSS vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0...
CVE-2023-40756
User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
CVE-2023-40756
User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
Design/Logic Flaw
User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
Cross site scripting
There is a Cross Site Scripting XSS vulnerability in the "theme" parameter of preview.php in PHPJabbers Callback Widget v1.0...
PHPJabbers Callback Widget 安全漏洞
PHPJabbers Callback Widget is a simple PHP script that places a discreet callback button on a website. A security vulnerability exists in version v1.0 of the PHPJabbers Callback Widget that stems from a user enumeration vulnerability when resetting a password...
CVE-2023-40756
User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
CVE-2023-40755
CVE-2023-40755 affects PHPJabbers Callback Widget v1.0, with an XSS vulnerability in the theme parameter of preview.php. The issue allows unauthenticated attackers to inject JavaScript through theme, potentially stealing administrator credentials or manipulating callback requests. The root cause ...
CVE-2023-36312
There is a Cross Site Scripting XSS vulnerability in the value-enum-obfincludetimezone parameter of index.php in PHPJabbers Callback Widget v1.0...
CVE-2023-36314
There is a Cross Site Scripting XSS vulnerability in the value-text-osmsemailrequestmessage parameters of index.php in PHPJabbers Callback Widget v1.0...
CVE-2023-36312
There is a Cross Site Scripting XSS vulnerability in the value-enum-obfincludetimezone parameter of index.php in PHPJabbers Callback Widget v1.0...
CVE-2023-36315
There is a Cross Site Scripting XSS vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0...
Cross site scripting
There is a Cross Site Scripting XSS vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0...
CVE-2023-36315
The CVE CVE-2023-36315 affects PHPJabbers Callback Widget v1.0, specifically an XSS in the action parameter of index.php. Root cause: improper handling of input in the action parameter leading to cross-site scripting. Impact is described as XSS; exploitation status is not provided in the document...