Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpjabbers class scheduling system 1.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-36134
In PHP Jabbers Class Scheduling System 1.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote malicious users to take over accounts.
Phpjabbers Class Scheduling System 1.0
7.5
CVSSv3
CVE-2023-36135
User enumeration is found in in PHPJabbers Class Scheduling System v1.0. This issue occurs during password recovery, where a difference in messages could allow an malicious user to determine if the user is valid or not, enabling a brute force attack with valid users.
Phpjabbers Class Scheduling System 1.0
6.5
CVSSv3
CVE-2023-36136
PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user account (update user page) allowing an malicious user to capture all user names and passwords in clear text.
Phpjabbers Class Scheduling System 1.0
6.1
CVSSv3
CVE-2023-36137
There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Class Scheduling System 1.0.
Phpjabbers Class Scheduling System 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started