Lucene search
K

29 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.13 views

EUVD-2024-53585

Malicious code in bioql PyPI...

9.8CVSS7AI score0.00846EPSS
Exploits4References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-53582

Malicious code in bioql PyPI...

6.1CVSS8.9AI score0.00429EPSS
Exploits4References2
RedhatCVE
RedhatCVE
added 2025/02/22 12:37 a.m.10 views

CVE-2023-51334

A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cinema Booking System v1.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service DoS via a large amount of generated e-mail messages...

5.3CVSS6.7AI score0.00538EPSS
Exploits2References4
RedhatCVE
RedhatCVE
added 2025/02/22 12:36 a.m.12 views

CVE-2023-51330

PHPJabbers Cinema Booking System v1.0 is vulnerable to Reflected Cross-Site Scripting XSS in Now Showing menu "date" parameter...

5.4CVSS5.8AI score0.00322EPSS
Exploits2References4
OSV
OSV
added 2025/02/20 6:15 p.m.2 views

CVE-2023-51335

PHPJabbers Cinema Booking System v1.0 is vulnerable to Multiple Stored Cross-Site Scripting XSS in the "title, name" parameters...

6.5CVSS5.8AI score0.00395EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/02/20 12:0 a.m.10 views

CVE-2023-51333

PHPJabbers Cinema Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file...

8.8AI score0.00765EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/02/20 12:0 a.m.11 views

CVE-2023-51334

A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cinema Booking System v1.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service DoS via a large amount of generated e-mail messages...

5.2AI score0.00538EPSS
Exploits2References2
Cvelist
Cvelist
added 2025/02/20 12:0 a.m.13 views

CVE-2023-51330

PHPJabbers Cinema Booking System v1.0 is vulnerable to Reflected Cross-Site Scripting XSS in Now Showing menu "date" parameter...

0.00322EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2025/02/08 6:50 a.m.12 views

CVE-2024-57430

An SQL injection vulnerability in the pjActionGetUser function of PHPJabbers Cinema Booking System v2.0 allows attackers to manipulate database queries via the column parameter. Exploiting this flaw can lead to unauthorized information disclosure, privilege escalation, or database manipulation...

9.8CVSS7.5AI score0.00846EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/02/08 6:50 a.m.12 views

CVE-2024-57429

A cross-site request forgery CSRF vulnerability in the pjActionUpdate function of PHPJabbers Cinema Booking System v2.0 allows remote attackers to escalate privileges by tricking an authenticated admin into submitting an unauthorized request...

5.4CVSS7AI score0.00273EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/02/08 6:49 a.m.9 views

CVE-2024-57428

A stored cross-site scripting XSS vulnerability in PHPJabbers Cinema Booking System v2.0 exists due to unsanitized input in file upload fields eventimg, seatmaps and seat number configurations numbernewX in pjActionCreate. Attackers can inject persistent JavaScript, leading to phishing, malware...

9.3CVSS5.5AI score0.0073EPSS
Exploits4References1
OSV
OSV
added 2025/02/06 5:15 p.m.3 views

CVE-2024-57428

A stored cross-site scripting XSS vulnerability in PHPJabbers Cinema Booking System v2.0 exists due to unsanitized input in file upload fields eventimg, seatmaps and seat number configurations numbernewX in pjActionCreate. Attackers can inject persistent JavaScript, leading to phishing, malware...

9.3CVSS7.2AI score0.0073EPSS
Exploits4References2
NVD
NVD
added 2025/02/06 5:15 p.m.15 views

CVE-2024-57429

A cross-site request forgery CSRF vulnerability in the pjActionUpdate function of PHPJabbers Cinema Booking System v2.0 allows remote attackers to escalate privileges by tricking an authenticated admin into submitting an unauthorized request...

5.4CVSS0.00273EPSS
Exploits3References2
Positive Technologies
Positive Technologies
added 2025/02/06 12:0 a.m.6 views

PT-2025-5832 · Phpjabbers · Phpjabbers Cinema Booking System

Name of the Vulnerable Software and Affected Versions: PHPJabbers Cinema Booking System version 2.0 Description: A stored cross-site scripting XSS issue exists due to unsanitized input in file upload fields event img, seat maps and seat number configurations numbernew X in pjActionCreate. This...

9.3CVSS8.4AI score0.0073EPSS
Exploits4References6
CVE
CVE
added 2025/02/06 12:0 a.m.52 views

CVE-2024-57427

CVE-2024-57427 affects PHPJabbers Cinema Booking System version 2.0.0. The vulnerability is a reflected XSS in multiple endpoints that improperly handle user input, enabling attackers to craft links or requests to execute scripts in a victim’s browser. Documented impacts include potential theft o...

6.1CVSS6.6AI score0.00429EPSS
Exploits4References2Affected Software1
CVE
CVE
added 2025/02/06 12:0 a.m.58 views

CVE-2024-57430

CVE-2024-57430 affects PHPJabbers Cinema Booking System v2.0. The vulnerability is an SQL injection in the pjActionGetUser function, exploitable via the column parameter, enabling manipulation of database queries and potentially leading to unauthorized data disclosure, privilege escalation, or da...

9.8CVSS7.8AI score0.00846EPSS
Exploits4References2Affected Software1
CNNVD
CNNVD
added 2025/02/06 12:0 a.m.5 views

PHPJabbers Cinema Booking System 安全漏洞

PHPJabbers Cinema Booking System is a theater booking system from PHPJabbers. A security vulnerability exists in PHPJabbers Cinema Booking System version v2.0, which originates from an SQL injection vulnerability contained in the pjActionGetUser function...

9.8CVSS7.4AI score0.00846EPSS
Exploits4References2
CNNVD
CNNVD
added 2025/02/06 12:0 a.m.6 views

PHPJabbers Cinema Booking System 安全漏洞

PHPJabbers Cinema Booking System is a theater booking system from PHPJabbers. A security vulnerability exists in PHPJabbers Cinema Booking System version v2.0, which stems from the inclusion of a reflected cross-site scripting vulnerability...

6.1CVSS8.5AI score0.00429EPSS
Exploits4References2
Vulnrichment
Vulnrichment
added 2025/02/06 12:0 a.m.9 views

CVE-2024-57428

A stored cross-site scripting XSS vulnerability in PHPJabbers Cinema Booking System v2.0 exists due to unsanitized input in file upload fields eventimg, seatmaps and seat number configurations numbernewX in pjActionCreate. Attackers can inject persistent JavaScript, leading to phishing, malware...

5.6AI score0.0073EPSS
Exploits4References2
Cvelist
Cvelist
added 2025/02/06 12:0 a.m.14 views

CVE-2024-57429

A cross-site request forgery CSRF vulnerability in the pjActionUpdate function of PHPJabbers Cinema Booking System v2.0 allows remote attackers to escalate privileges by tricking an authenticated admin into submitting an unauthorized request...

0.00273EPSS
Exploits3References2
Rows per page
Query Builder