Phpjabbers Document Creator — known CVE vulnerabilities
Every CVE whose affected-product data names Phpjabbers Document Creator, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2023-36311 — CVSS 9.8 (critical): There is a SQL injection (SQLi) vulnerability in the "column" parameter of index.php in PHPJabbers Document Creator v1.0.
CVE-2023-40758 — CVSS 9.8 (critical): User enumeration is found in PHPJabbers Document Creator v1.0. This issue occurs during password recovery, where a difference in messages…
CVE-2023-36309 — CVSS 6.1 (medium): There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Document Creator v1.0.
CVE-2023-36310 — CVSS 6.1 (medium): There is a Cross Site Scripting (XSS) vulnerability in the "column" parameter of index.php in PHPJabbers Document Creator v1.0.
CVE-2023-36313 — CVSS 6.1 (medium): PHPJabbers Document Creator v1.0 is vulnerable to Cross Site Scripting (XSS) via all post parameters of "Export Requests" aside from…