3 matches found
CVE-2023-51324
CVE-2023-51324 affects PHPJabbers Shared Asset Booking System v1.0. The vulnerability is a CSV injection flaw caused by insufficient input validation in the Languages section Labels/parameters field within System Options, which is used to build CSV exports. Exploitation could allow an attacker to...
CVE-2023-51323
CVE-2023-51323 concerns PHPJabbers Shared Asset Booking System v1.0, where a missing rate-limit in the Forgot Password/Email flow can allow an attacker to trigger a flood of email messages for a legitimate user, potentially causing a DoS. The issue is described in public writeups (e.g., PacketSto...
CVE-2023-51325
CVE-2023-51325 affects PHPJabbers Shared Asset Booking System v1.0. The vulnerability is a Stored Cross-Site Scripting (XSS) issue in the title and name parameters, allowing injected scripts to be permanently stored and later executed in the victim’s context. Public references in the PacketStorm ...