PHPJabbers Bus Reservation System v1.1 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the "title, name" parameters.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NPhpjabbers Bus Reservation System
APPPhpjabbers1.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
XSS
CWE
Powiązane podatności
CVE-2023-53877CRITICAL9.3PL ✓ten sam produkt
SQL injection w PHPJabbers Bus Reservation System 1.1 (parametr pickup_id)
CVE-2023-51316HIGH7.5ten sam produkt
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Bus Reservation System v1.1 allows atta...
CVE-2023-51319HIGH8.8ten sam produkt
PHPJabbers Bus Reservation System v1.1 is vulnerable to CSV Injection vulnerability which allows an attacker t...
CVE-2023-4111MEDIUM4.3ten sam produkt
A vulnerability was found in PHP Jabbers Bus Reservation System 1.1 and classified as problematic. Affected by...
CVE-2024-57428CRITICAL9.3PL ✓ten sam vendor
Stored XSS w PHPJabbers Cinema Booking System v2.0