Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpjabbers class scheduling system 1.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-36134
In PHP Jabbers Class Scheduling System 1.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote malicious users to take over accounts.
Phpjabbers Class Scheduling System 1.0
7.5
CVSSv3
CVE-2023-36135
User enumeration is found in in PHPJabbers Class Scheduling System v1.0. This issue occurs during password recovery, where a difference in messages could allow an malicious user to determine if the user is valid or not, enabling a brute force attack with valid users.
Phpjabbers Class Scheduling System 1.0
6.5
CVSSv3
CVE-2023-36136
PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user account (update user page) allowing an malicious user to capture all user names and passwords in clear text.
Phpjabbers Class Scheduling System 1.0
6.1
CVSSv3
CVE-2023-36137
There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Class Scheduling System 1.0.
Phpjabbers Class Scheduling System 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started