24 matches found
EUVD-2023-40118
Malicious code in bioql PyPI...
EUVD-2023-56047
Malicious code in bioql PyPI...
EUVD-2023-56049
Malicious code in bioql PyPI...
EUVD-2023-40117
Malicious code in bioql PyPI...
CVE-2023-51328
PHPJabbers Cleaning Business Software v1.0 is vulnerable to Multiple Stored Cross-Site Scripting XSS in the "cname, name" parameters...
CVE-2023-51328
PHPJabbers Cleaning Business Software v1.0 is vulnerable to Multiple Stored Cross-Site Scripting XSS in the "cname, name" parameters...
CVE-2023-51328
PHPJabbers Cleaning Business Software v1.0 is vulnerable to Multiple Stored Cross-Site Scripting XSS in the "cname, name" parameters...
CVE-2023-51328
PHPJabbers Cleaning Business Software v1.0 is vulnerable to Multiple Stored Cross-Site Scripting XSS in the "cname, name" parameters...
CVE-2023-51336
PHPJabbers Meeting Room Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV...
CVE-2023-51308
PHPJabbers Car Park Booking System v3.0 is vulnerable to Multiple HTML Injection in the "name, pluginsmsapikey, pluginsmscountrycode, title, pluginsmsapikey, title" parameters...
CVE-2023-51305
PHPJabbers Car Park Booking System v3.0 is vulnerable to Multiple Stored Cross-Site Scripting XSS in the "name, pluginsmsapikey, pluginsmscountrycode, title, pluginsmsapikey" parameters...
CVE-2023-51327
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cleaning Business Software v1.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service DoS via a large amount of generated e-mail messages...
CVE-2023-51331
PHPJabbers Cleaning Business Software v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV...
CVE-2023-51320
CVE-2023-51320 affects PHPJabbers Night Club Booking Software v1.0. The vulnerability is a CSV Injection in the CSV export, caused by insufficient input validation on the Languages → Labels parameter (in System Options) used to construct the CSV file. The issue is evidenced by concrete exploitati...
CVE-2023-51320
PHPJabbers Night Club Booking Software v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV...
PT-2025-7292 · Phpjabbers · Phpjabbers Car Park Booking System
Name of the Vulnerable Software and Affected Versions: PHPJabbers Car Park Booking System version 3.0 Description: A lack of rate limiting in the 'Email Settings' feature allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service DoS via a...
CVE-2023-51327
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cleaning Business Software v1.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service DoS via a large amount of generated e-mail messages...
CVE-2023-51331
PHPJabbers Cleaning Business Software v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV...
Interactive Floor Plan 1.0 Cross Site Scripting
Title: Interactive-Floor-Plan-1.0-XSS-Reflected-SESSION-Hijacking Author: nu11secur1ty Date: 01/28/2024 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/interactive-floor-plan-software/sectionDemo Reference: https://portswigger.net/web-security/cross-site-scripting/reflect...
CVE-2023-43147
PHPJabbers Limo Booking Software 1.0 is vulnerable to Cross Site Request Forgery CSRF to add an admin user via the Add Users Function, aka an index.php?controller=pjAdminUsers&action=pjActionCreate URI...