Phpjabbers Yacht Listing Script — known CVE vulnerabilities
Every CVE whose affected-product data names Phpjabbers Yacht Listing Script, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2023-40761 — CVSS 9.8 (critical): User enumeration is found in PHPJabbers Yacht Listing Script v2.0. This issue occurs during password recovery, where a difference in…
CVE-2023-38830 — CVSS 7.5 (high): An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients' credit card numbers from the Reservations…
CVE-2023-40750 — CVSS 6.1 (medium): There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Yacht Listing Script v1.0.