3 matches found
CVE-2023-40753
CVE-2023-40753 affects PHPJabbers Ticket Support Script v3.2. A Cross-Site Scripting (XSS) vulnerability exists in the message parameter of index.php. Exploitation could allow authenticated attackers to inject JavaScript via ticket notification messages, potentially stealing session cookies or ac...
CVE-2023-39776
The CVE-2023-39776 entry concerns PHPJabbers Ticket Support Script v3.2 with a File Upload vulnerability that allows an attacker to execute arbitrary code by uploading a crafted file. Documents consistently identify the affected product and version, and cite an unrestricted file upload root cause...
CVE-2023-40766
CVE-2023-40766 affects PHPJabbers Ticket Support Script v3.2. The vulnerability is a user-enumeration flaw observed during password recovery, where differing responses could reveal whether a username exists, enabling brute-force attempts with valid users. Documented impact from NVD indicates a cr...