CVE-2023-48836 – PHPJabbers Car Rental 3.0 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2023-48836
Car Rental Script 3.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) issues via the name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, or customer_name parameter. PHPJabbers Car Rental version 3.0 suffers from multiple persistent cross site scripting vulnerabilities. • http://packetstormsecurity.com/files/176046 • https://www.phpjabbers.com/car-rental-script • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2023-48835 – PHPJabbers Car Rental 3.0 CSV Injection
https://notcve.org/view.php?id=CVE-2023-48835
Car Rental Script v3.0 is vulnerable to CSV Injection via a Language > Labels > Export action. PHPJabbers Car Rental version 3.0 suffers from a CSV injection vulnerability. • http://packetstormsecurity.com/files/176045 • https://www.phpjabbers.com/car-rental-script • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2023-48834 – PHPJabbers Car Rental 3.0 Missing Rate Limit
https://notcve.org/view.php?id=CVE-2023-48834
A lack of rate limiting in pjActionAjaxSend in Car Rental v3.0 allows attackers to cause resource exhaustion. PHPJabbers Car Rental version 3.0 suffers from a missing rate limiting control that can allow for resource exhaustion. • http://packetstormsecurity.com/files/176043 • https://www.phpjabbers.com/car-rental-script • CWE-400: Uncontrolled Resource Consumption
CVE-2023-48833 – PHPJabbers Time Slots Booking Calendar 4.0 Missing Rate Limiting
https://notcve.org/view.php?id=CVE-2023-48833
A lack of rate limiting in pjActionAJaxSend in Time Slots Booking Calendar 4.0 allows attackers to cause resource exhaustion. PHPJabbers Time Slots Booking Calendar version 4.0 suffers from a missing rate limiting control that can allow for resource exhaustion. • http://packetstormsecurity.com/files/176042 • https://www.phpjabbers.com/time-slots-booking-calendar • CWE-400: Uncontrolled Resource Consumption
CVE-2023-48831 – PHPJabbers Availability Booking Calendar 5.0 Missing Rate Limiting
https://notcve.org/view.php?id=CVE-2023-48831
A lack of rate limiting in pjActionAJaxSend in Availability Booking Calendar 5.0 allows attackers to cause resource exhaustion. PHPJabbers Availability Booking Calendar version 5.0 suffers from a missing rate limiting control that can allow for resource exhaustion. • http://packetstormsecurity.com/files/176039 • https://www.phpjabbers.com/availability-booking-calendar/#sectionDemo • CWE-400: Uncontrolled Resource Consumption • CWE-770: Allocation of Resources Without Limits or Throttling