7.5
CVE-2023-38830
- EPSS 0.07%
- Veröffentlicht 10.08.2023 15:15:09
- Zuletzt bearbeitet 21.11.2024 08:14:15
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginAn information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients' credit card numbers from the Reservations module.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Phpjabbers ≫ Yacht Listing Script Version1.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.211 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-668 Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.