Lucene search
K
PhpjabbersClass Scheduling System

4 matches found

CVE
CVE
added 2023/08/08 12:0 a.m.54 views

CVE-2023-36136

The CVE affects PHPJabbers Class Scheduling System 1.0. The issue is that password handling on the update user page lacks encryption, allowing an attacker to capture all usernames and passwords in clear text. This directly impacts confidentiality and enables credential exposure without requiring ...

6.5CVSS6.4AI score0.00233EPSS
CVE
CVE
added 2023/08/03 12:0 a.m.38 views

CVE-2023-36137

CVE-2023-36137 affects PHPJabbers Class Scheduling System v1.0. The vulnerability is a Cross Site Scripting (XSS) in the theme parameter of preview.php. Root cause: untrusted input in the theme parameter can be reflected in the page, enabling script execution. According to the CVSS data, the impa...

6.1CVSS6AI score0.00312EPSS
CVE
CVE
added 2023/08/03 12:0 a.m.31 views

CVE-2023-36135

The CVE-2023-36135 issue affects PHPJabbers Class Scheduling System v1.0. During password recovery, a difference in responses between valid and invalid usernames enables user enumeration, which can facilitate brute-forcing existing accounts. The NVD entry and related sources confirm the affected ...

7.5CVSS7.4AI score0.00473EPSS
CVE
CVE
added 2023/08/03 12:0 a.m.29 views

CVE-2023-36134

CVE-2023-36134 affects PHP Jabbers Class Scheduling System 1.0. The issue is a lack of verification when changing an email address and/or password on the Profile Page, enabling remote attackers to take over accounts. No exploit vectors or affected versions beyond 1.0 are specified in the provided...

9.8CVSS9.5AI score0.00416EPSS