Phpjabbers Document_creator
5 CVEs affecting Phpjabbers Document_creator. Latest disclosed: 2023-08-28. Critical: 2, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-40758 | Critical | 9.8 | 2023-08-28 | User enumeration is found in PHPJabbers Document Creator v1.0. This issue occurs during password recovery, where a difference in messages could allow an attack… |
CVE-2023-36311 | Critical | 9.8 | 2023-08-10 | There is a SQL injection (SQLi) vulnerability in the "column" parameter of index.php in PHPJabbers Document Creator v1.0. |
CVE-2023-36313 | Medium | 6.1 | 2023-08-10 | PHPJabbers Document Creator v1.0 is vulnerable to Cross Site Scripting (XSS) via all post parameters of "Export Requests" aside from "request_feed". |
CVE-2023-36310 | Medium | 6.1 | 2023-08-10 | There is a Cross Site Scripting (XSS) vulnerability in the "column" parameter of index.php in PHPJabbers Document Creator v1.0. |
CVE-2023-36309 | Medium | 6.1 | 2023-08-10 | There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Document Creator v1.0. |