Shodan
Vulnerabilities
Vulnerable Software
Phpjabbers:  Security Vulnerabilities
CVE-2023-48207
Availability Booking Calendar 5.0 allows CSV injection via the unique ID field in the Reservations list component.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-12-07
CVE-2023-48208
A Cross Site Scripting vulnerability in Availability Booking Calendar 5.0 allows an attacker to inject JavaScript via the name, plugin_sms_api_key, plugin_sms_country_code, uuid, title, or country name parameter to index.php.
CVSS Score
6.1
EPSS Score
0.003
Published
2023-12-07
CVE-2023-48172
A Cross Site Scripting (XSS) vulnerability in Shuttle Booking Software 2.0 allows a remote attacker to inject JavaScript via the name, description, title, or address parameter to index.php.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-12-07
CVE-2023-43147
PHPJabbers Limo Booking Software 1.0 is vulnerable to Cross Site Request Forgery (CSRF) to add an admin user via the Add Users Function, aka an index.php?controller=pjAdminUsers&action=pjActionCreate URI.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-10-12
CVE-2023-36126
There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Appointment Scheduler v3.0
CVSS Score
6.1
EPSS Score
0.001
Published
2023-10-10
CVE-2023-36127
User enumeration is found in in PHPJabbers Appointment Scheduler 3.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-10-10
CVE-2023-43274
Phpjabbers PHP Shopping Cart 4.2 is vulnerable to SQL Injection via the id parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-09-21
CVE-2023-36140
In PHPJabbers Cleaning Business Software 1.0, there is no encryption on user passwords allowing an attacker to gain access to all user accounts.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-09-11
CVE-2023-41538
phpjabbers PHP Forum Script 3.0 is vulnerable to Cross Site Scripting (XSS) via the keyword parameter.
CVSS Score
6.1
EPSS Score
0.094
Published
2023-08-30
CVE-2023-41539
phpjabbers Business Directory Script 3.2 is vulnerable to SQL Injection via the column parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-08-30


Products
Pricing
Contact Us

Shodan ® - All rights reserved