CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-41537
https://notcve.org/view.php?id=CVE-2023-41537
30 Aug 2023 — phpjabbers Business Directory Script 3.2 is vulnerable to Cross Site Scripting (XSS) via the keyword parameter. Business Directory Script 3.2 de PHPJabbers es vulnerable a Cross Site Scripting (XSS) a través del parámetro keyword. • https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/phpjabbers/2023/Business-Directory-Script-Version%3A3.2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-41539
https://notcve.org/view.php?id=CVE-2023-41539
30 Aug 2023 — phpjabbers Business Directory Script 3.2 is vulnerable to SQL Injection via the column parameter. Business Directory Script 3.2 de PHPJabbers es vulnerable a SQL Injection a través del parámetro de column. • https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/phpjabbers/2023/Business-Directory-Script-Version%3A3.2/SQLi • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •