Phpjabbers Cleaning Business Software — known CVE vulnerabilities
Every CVE whose affected-product data names Phpjabbers Cleaning Business Software, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2023-36139 — CVSS 9.8 (critical): In PHPJabbers Cleaning Business Software 1.0, lack of verification when changing an email address and/or password (on the Profile Page)…
CVE-2023-36140 — CVSS 9.8 (critical): In PHPJabbers Cleaning Business Software 1.0, there is no encryption on user passwords allowing an attacker to gain access to all user…
CVE-2023-51326 — CVSS 6.5 (medium): A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cleaning Business Software v1.0 allows attackers to send an…
CVE-2023-51331 — CVSS 6.5 (medium): PHPJabbers Cleaning Business Software v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code…
CVE-2023-51327 — CVSS 6.5 (medium): A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cleaning Business Software v1.0 allows attackers to send an…
CVE-2023-36138 — CVSS 6.1 (medium): PHPJabbers Cleaning Business Software 1.0 is vulnerable to Cross Site Scripting (XSS) via the theme parameter of preview.php.
CVE-2023-51328 — CVSS 5.4 (medium): PHPJabbers Cleaning Business Software v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the "c_name, name" parameters.
CVE-2023-36141 — CVSS 5.3 (medium): User enumeration is found in in PHPJabbers Cleaning Business Software 1.0. This issue occurs during password recovery, where a difference…
CVE-2023-4115 — CVSS 4.3 (medium): A vulnerability classified as problematic has been found in PHP Jabbers Cleaning Business 1.0. Affected is an unknown function of the file…