Phpjabbers Class_scheduling_system
4 CVEs affecting Phpjabbers Class_scheduling_system. Latest disclosed: 2023-08-08. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-36134 | Critical | 9.8 | 2023-08-04 | In PHP Jabbers Class Scheduling System 1.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers t… |
CVE-2023-36135 | High | 7.5 | 2023-08-04 | User enumeration is found in in PHPJabbers Class Scheduling System v1.0. This issue occurs during password recovery, where a difference in messages could allow… |
CVE-2023-36136 | Medium | 6.5 | 2023-08-08 | PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user account (update user page) allowing an attacker to capture all user… |
CVE-2023-36137 | Medium | 6.1 | 2023-08-04 | There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Class Scheduling System 1.0. |