Phpjabbers Car_rental_script

6 CVEs affecting Phpjabbers Car_rental_script. Latest disclosed: 2023-12-07. Critical: 1, High: 3.

Top CVEs affecting Phpjabbers Car_rental_script
CVESeverityScorePublishedSummary
CVE-2023-40764Critical9.82023-08-28User enumeration is found in PHP Jabbers Car Rental Script v3.0. This issue occurs during password recovery, where a difference in messages could allow an atta…
CVE-2023-48835High8.82023-12-07Car Rental Script v3.0 is vulnerable to CSV Injection via a Language > Labels > Export action.
CVE-2023-40754High8.82023-08-28In PHPJabbers Car Rental Script 3.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take…
CVE-2023-48834High7.52023-12-07A lack of rate limiting in pjActionAjaxSend in Car Rental v3.0 allows attackers to cause resource exhaustion.
CVE-2023-48837Medium5.42023-12-07Car Rental Script 3.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code.
CVE-2023-48836Medium5.42023-12-07Car Rental Script 3.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) issues via the name, plugin_sms_api_key, plugin_sms_country_code, calendar_id…