User enumeration is found in PHPJabbers Document Creator v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HPhpjabbers Document Creator
APPPhpjabbers1.0
Related vulnerabilities
There is a SQL injection (SQLi) vulnerability in the "column" parameter of index.php in PHPJabbers Document Cr...
There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Docum...
There is a Cross Site Scripting (XSS) vulnerability in the "column" parameter of index.php in PHPJabbers Docum...
PHPJabbers Document Creator v1.0 is vulnerable to Cross Site Scripting (XSS) via all post parameters of "Expor...
SQL injection w PHPJabbers Bus Reservation System 1.1 (parametr pickup_id)