Hotel Booking System Security Vulnerabilities and Issues — Hotel Booking System CVE List

Lucene search

PhpjabbersHotel Booking System

5 matches found

CVE•added 2025/02/19 8:15 p.m.•39 views

CVE-2023-51299

PHPJabbers Hotel Booking System v4.0 is vulnerable to HTML Injection in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key, title" parameters.

6.1CVSS6.7AI score0.00073EPSS

CVE•added 2025/02/19 9:15 p.m.•39 views

CVE-2023-51302

PHPJabbers Hotel Booking System v4.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file.

8.8CVSS7.1AI score0.00165EPSS

CVE•added 2025/02/19 9:15 p.m.•38 views

CVE-2023-51300

PHPJabbers Hotel Booking System v4.0 is vulnerable to Cross-Site Scripting (XSS) vulnerabilities in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key" parameters.

6.1CVSS5.8AI score0.00079EPSS

CVE•added 2025/02/19 9:15 p.m.•38 views

CVE-2023-51301

A lack of rate limiting in the "Login Section, Forgot Email" feature of PHPJabbers Hotel Booking System v4.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages.

7.5CVSS6.5AI score0.00457EPSS

CVE•added 2025/02/19 8:15 p.m.•35 views

CVE-2023-51297

A lack of rate limiting in the 'Email Settings' feature of PHPJabbers Hotel Booking System v4.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages.

6.5CVSS6.4AI score0.00411EPSS