CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48830 – PHPJabbers Shuttle Booking Software 2.0 CSV Injection
https://notcve.org/view.php?id=CVE-2023-48830
Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export. Shuttle Booking Software 2.0 es vulnerable a la inyección CSV en la sección Idiomas a través de una exportación. PHPJabbers Shuttle Booking Software version 2.0 suffers from a CSV injection vulnerability. • http://packetstormsecurity.com/files/176038 https://www.phpjabbers.com/shuttle-booking-software • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48828 – PHPJabbers Time Slots Booking Calendar 4.0 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2023-48828
Time Slots Booking Calendar 4.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) issues via the name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, or customer_name parameter. Time Slots Booking Calendar 4.0 es vulnerable a problemas de Múltiple Coss-Site Scripting (XSS) Almacenado a través del nombre, plugin_sms_api_key, plugin_sms_country_code, calendar_id, título, nombre de país o parámetro customer_name. PHPJabbers Time Slots Booking Calendar version 4.0 suffers from multiple persistent cross site scripting vulnerabilities. • http://packetstormsecurity.com/files/176037 https://www.phpjabbers.com/time-slots-booking-calendar • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48827 – PHPJabbers Time Slots Booking Calendar 4.0 HTML Injection
https://notcve.org/view.php?id=CVE-2023-48827
Time Slots Booking Calendar 4.0 is vulnerable to Multiple HTML Injection issues via the name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, or customer_name parameter. Time Slots Booking Calendar 4.0 es vulnerable a múltiples problemas de inyección de HTML a través del nombre, plugin_sms_api_key, plugin_sms_country_code, calendar_id, título, nombre de país o parámetro customer_name. PHPJabbers Time Slots Booking Calendar version 4.0 suffers from an html injection vulnerability. • http://packetstormsecurity.com/files/176036 https://www.phpjabbers.com/time-slots-booking-calendar • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48826 – PHPJabbers Time Slots Booking Calendar 4.0 CSV Injection
https://notcve.org/view.php?id=CVE-2023-48826
Time Slots Booking Calendar 4.0 is vulnerable to CSV Injection via the unique ID field of the Reservations List. Time Slots Booking Calendar 4.0 es vulnerable a la inyección de CSV a través del campo de ID único de la Lista de reservas. PHPJabbers Time Slots Booking Calendar version 4.0 suffers from a CSV injection vulnerability. • http://packetstormsecurity.com/files/176034 https://www.phpjabbers.com/time-slots-booking-calendar • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48825 – PHPJabbers Availability Booking Calendar 5.0 HTML Injection
https://notcve.org/view.php?id=CVE-2023-48825
Availability Booking Calendar 5.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code. Availability Booking Calendar 5.0 es vulnerable a múltiples problemas de inyección de HTML a través de la clave API de SMS o el código de país predeterminado. PHPJabbers Availability Booking Calendar version 5.0 suffers from an html injection vulnerability. • http://packetstormsecurity.com/files/176033 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •