CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2023-48833 – PHPJabbers Time Slots Booking Calendar 4.0 Missing Rate Limiting
https://notcve.org/view.php?id=CVE-2023-48833
04 Dec 2023 — A lack of rate limiting in pjActionAJaxSend in Time Slots Booking Calendar 4.0 allows attackers to cause resource exhaustion. La falta de limitación de velocidad en pjActionAJaxSend en Time Slots Booking Calendar 4.0 permite a los atacantes provocar el agotamiento de los recursos. PHPJabbers Time Slots Booking Calendar version 4.0 suffers from a missing rate limiting control that can allow for resource exhaustion. • https://packetstorm.news/files/id/176042 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2023-48836 – PHPJabbers Car Rental 3.0 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2023-48836
04 Dec 2023 — Car Rental Script 3.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) issues via the name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, or customer_name parameter. Car Rental Script 3.0 es vulnerable a problemas de Múltiple Coss-Site Scripting (XSS) a través del parámetro nombre, plugin_sms_api_key, plugin_sms_country_code, calendar_id, título, nombre del país o nombre del cliente. PHPJabbers Car Rental version 3.0 suffers from multiple persistent cross site scr... • https://packetstorm.news/files/id/176046 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2023-48834 – PHPJabbers Car Rental 3.0 Missing Rate Limit
https://notcve.org/view.php?id=CVE-2023-48834
04 Dec 2023 — A lack of rate limiting in pjActionAjaxSend in Car Rental v3.0 allows attackers to cause resource exhaustion. La falta de limitación de velocidad en pjActionAjaxSend en Car Rental v3.0 permite a los atacantes provocar el agotamiento de los recursos. PHPJabbers Car Rental version 3.0 suffers from a missing rate limiting control that can allow for resource exhaustion. • https://packetstorm.news/files/id/176043 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 2CVE-2023-48830 – PHPJabbers Shuttle Booking Software 2.0 CSV Injection
https://notcve.org/view.php?id=CVE-2023-48830
04 Dec 2023 — Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export. Shuttle Booking Software 2.0 es vulnerable a la inyección CSV en la sección Idiomas a través de una exportación. PHPJabbers Shuttle Booking Software version 2.0 suffers from a CSV injection vulnerability. • https://packetstorm.news/files/id/176038 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2023-48840 – PHPJabbers Appointment Scheduler 3.0 Missing Rate Limiting
https://notcve.org/view.php?id=CVE-2023-48840
04 Dec 2023 — A lack of rate limiting in pjActionAjaxSend in Appointment Scheduler 3.0 allows attackers to cause resource exhaustion. La falta de limitación de velocidad en pjActionAjaxSend en Appointment Scheduler 3.0 permite a los atacantes provocar el agotamiento de los recursos. PHPJabbers Appointment Scheduler version 3.0 suffers from a missing rate limiting control that can allow for resource exhaustion. • https://packetstorm.news/files/id/176056 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 2CVE-2023-48835 – PHPJabbers Car Rental 3.0 CSV Injection
https://notcve.org/view.php?id=CVE-2023-48835
04 Dec 2023 — Car Rental Script v3.0 is vulnerable to CSV Injection via a Language > Labels > Export action. Car Rental Script v3.0 es vulnerable a la inyección CSV a través de una acción Idioma > Etiquetas > Exportar. PHPJabbers Car Rental version 3.0 suffers from a CSV injection vulnerability. • https://packetstorm.news/files/id/176045 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2023-48828 – PHPJabbers Time Slots Booking Calendar 4.0 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2023-48828
04 Dec 2023 — Time Slots Booking Calendar 4.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) issues via the name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, or customer_name parameter. Time Slots Booking Calendar 4.0 es vulnerable a problemas de Múltiple Coss-Site Scripting (XSS) Almacenado a través del nombre, plugin_sms_api_key, plugin_sms_country_code, calendar_id, título, nombre de país o parámetro customer_name. PHPJabbers Time Slots Booking Calendar version 4.0 suffe... • https://packetstorm.news/files/id/176037 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48839 – PHPJabbers Appointment Scheduler 3.0 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2023-48839
04 Dec 2023 — Appointment Scheduler 3.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) issues via the name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, or customer_name parameter. Appointment Scheduler 3.0 es vulnerable a problemas de Múltiple Coss-Site Scripting (XSS) Almacenado a través del nombre, plugin_sms_api_key, plugin_sms_country_code, calendar_id, título, nombre de país o parámetro customer_name. PHPJabbers Appointment Scheduler version 3.0 suffers from multiple p... • https://packetstorm.news/files/id/176055 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 2CVE-2023-48826 – PHPJabbers Time Slots Booking Calendar 4.0 CSV Injection
https://notcve.org/view.php?id=CVE-2023-48826
04 Dec 2023 — Time Slots Booking Calendar 4.0 is vulnerable to CSV Injection via the unique ID field of the Reservations List. Time Slots Booking Calendar 4.0 es vulnerable a la inyección de CSV a través del campo de ID único de la Lista de reservas. PHPJabbers Time Slots Booking Calendar version 4.0 suffers from a CSV injection vulnerability. • https://packetstorm.news/files/id/176034 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2023-48825 – PHPJabbers Availability Booking Calendar 5.0 HTML Injection
https://notcve.org/view.php?id=CVE-2023-48825
04 Dec 2023 — Availability Booking Calendar 5.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code. Availability Booking Calendar 5.0 es vulnerable a múltiples problemas de inyección de HTML a través de la clave API de SMS o el código de país predeterminado. PHPJabbers Availability Booking Calendar version 5.0 suffers from an html injection vulnerability. • https://packetstorm.news/files/id/176033 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •