Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
booking calendar vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-36133
PHPJabbers Availability Booking Calendar 5.0 is vulnerable to User Account Takeover through username/password change.
Phpjabbers Availability Booking Calendar 5.0
9.8
CVSSv3
CVE-2023-36132
PHP Jabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control.
Phpjabbers Availability Booking Calendar 5.0
5.4
CVSSv3
CVE-2023-3558
A vulnerability classified as problematic has been found in GZ Scripts Event Booking Calendar 1.8. Affected is an unknown function of the file /load.php. The manipulation of the argument first_name/second_name/phone/address_1/country leads to cross site scripting. It is possible ...
Gzscripts Event Booking Calendar 1.8
6.1
CVSSv3
CVE-2019-14791
The Appointment Booking Calendar plugin 1.3.18 for WordPress allows XSS via the wp-admin/admin-post.php editionarea parameter.
Codepeople Appointment Booking Calendar 1.3.18
6.1
CVSSv3
CVE-2023-33560
There is a Cross Site Scripting (XSS) vulnerability in "cid" parameter of preview.php in PHPJabbers Time Slots Booking Calendar v3.3.
Phpjabbers Time Slots Booking Calendar 3.3
9.8
CVSSv3
CVE-2023-33561
Improper input validation of password parameter in PHP Jabbers Time Slots Booking Calendar v 3.3 results in insecure passwords.
Phpjabbers Time Slots Booking Calendar 3.3
9.8
CVSSv3
CVE-2023-33562
User enumeration is found in in PHP Jabbers Time Slots Booking Calendar v3.3. This issue occurs during password recovery, where a difference in messages could allow an malicious user to determine if the user is valid or not, enabling a brute force attack with valid users.
Phpjabbers Time Slots Booking Calendar 3.3
8.8
CVSSv3
CVE-2023-33563
In PHP Jabbers Time Slots Booking Calendar 3.3 , lack of verification when changing an email address and/or password (on the Profile Page) allows remote malicious users to take over accounts.
Phpjabbers Time Slots Booking Calendar 3.3
6.1
CVSSv3
CVE-2023-33564
There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Time Slots Booking Calendar v3.3.
Phpjabbers Time Slots Booking Calendar 3.3
8.8
CVSSv3
CVE-2023-48826
Time Slots Booking Calendar 4.0 is vulnerable to CSV Injection via the unique ID field of the Reservations List.
Phpjabbers Time Slots Booking Calendar 4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »