Phpjabbers: >> Ticket Support Script Security Vulnerabilities
User enumeration is found in in PHPJabbers Ticket Support Script v3.2. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-08-28
There is a Cross Site Scripting (XSS) vulnerability in the message parameter of index.php in PHPJabbers Ticket Support Script v3.2.
CVSS Score
5.4
EPSS Score
0.01
Published
2023-08-28
A File Upload vulnerability in PHPJabbers Ticket Support Script v3.2 allows attackers to execute arbitrary code via uploading a crafted file.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-08-10