Shodan
Vulnerabilities
Vulnerable Software
Phpjabbers:  Security Vulnerabilities
CVE-2023-40765
User enumeration is found in PHPJabbers Event Booking Calendar v4.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-08-28
CVE-2023-40766
User enumeration is found in in PHPJabbers Ticket Support Script v3.2. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-08-28
CVE-2023-40767
User enumeration is found in in PHPJabbers Make an Offer Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-08-28
CVE-2023-40748
PHPJabbers Food Delivery Script 3.0 has a SQL injection (SQLi) vulnerability in the "q" parameter of index.php.
CVSS Score
9.8
EPSS Score
0.265
Published
2023-08-28
CVE-2023-40749
PHPJabbers Food Delivery Script v3.0 is vulnerable to SQL Injection in the "column" parameter of index.php.
CVSS Score
9.8
EPSS Score
0.265
Published
2023-08-28
CVE-2023-40750
There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Yacht Listing Script v1.0.
CVSS Score
6.1
EPSS Score
0.013
Published
2023-08-28
CVE-2023-40751
PHPJabbers Fundraising Script v1.0 is vulnerable to Cross Site Scripting (XSS) via the "action" parameter of index.php.
CVSS Score
6.1
EPSS Score
0.012
Published
2023-08-28
CVE-2023-40752
There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Make an Offer Widget v1.0.
CVSS Score
6.1
EPSS Score
0.013
Published
2023-08-28
CVE-2023-40753
There is a Cross Site Scripting (XSS) vulnerability in the message parameter of index.php in PHPJabbers Ticket Support Script v3.2.
CVSS Score
5.4
EPSS Score
0.009
Published
2023-08-28
CVE-2023-40754
In PHPJabbers Car Rental Script 3.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts.
CVSS Score
8.8
EPSS Score
0.004
Published
2023-08-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved