Phpjabbers: >> Event Ticketing System Security Vulnerabilities
PHPJabbers Event Ticketing System v1.0 is vulnerable to Reflected Cross-Site Scripting (XSS) in "lid" parameter in index.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-02-20
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Event Ticketing System v1.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-02-20
PHPJabbers Event Ticketing System v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the "name, title" parameters.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-02-20
PHPJabbers Event Ticketing System v1.0 is vulnerable to Multiple HTML Injection in the "lid, name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key, title" parameters.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-02-19