Phpjabbers Hotel_booking_system
6 CVEs affecting Phpjabbers Hotel_booking_system. Latest disclosed: 2025-02-19. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-40760 | Critical | 9.8 | 2023-08-28 | User enumeration is found in PHP Jabbers Hotel Booking System v4.0. This issue occurs during password recovery, where a difference in messages could allow an a… |
CVE-2023-51302 | High | 8.8 | 2025-02-19 | PHPJabbers Hotel Booking System v4.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due… |
CVE-2023-51301 | High | 7.5 | 2025-02-19 | A lack of rate limiting in the "Login Section, Forgot Email" feature of PHPJabbers Hotel Booking System v4.0 allows attackers to send an excessive amount of re… |
CVE-2023-51297 | Medium | 6.5 | 2025-02-19 | A lack of rate limiting in the 'Email Settings' feature of PHPJabbers Hotel Booking System v4.0 allows attackers to send an excessive amount of email for a leg… |
CVE-2023-51300 | Medium | 6.1 | 2025-02-19 | PHPJabbers Hotel Booking System v4.0 is vulnerable to Cross-Site Scripting (XSS) vulnerabilities in the "name, plugin_sms_api_key, plugin_sms_country_code, tit… |
CVE-2023-51299 | Medium | 6.1 | 2025-02-19 | PHPJabbers Hotel Booking System v4.0 is vulnerable to HTML Injection in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key, titl… |