CVE-2023-40762
- EPSS 0.1%
- Veröffentlicht 28.08.2023 13:15:10
- Zuletzt bearbeitet 21.11.2024 08:20:05
User enumeration is found in PHPJabbers Fundraising Script v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid use...
CVE-2023-40751
- EPSS 1.14%
- Veröffentlicht 28.08.2023 13:15:09
- Zuletzt bearbeitet 21.11.2024 08:20:04
PHPJabbers Fundraising Script v1.0 is vulnerable to Cross Site Scripting (XSS) via the "action" parameter of index.php.
CVE-2020-22224
- EPSS 0.24%
- Veröffentlicht 05.11.2021 23:15:08
- Zuletzt bearbeitet 21.11.2024 05:13:12
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the pjActionPreview function.
CVE-2020-22225
- EPSS 0.26%
- Veröffentlicht 05.11.2021 23:15:08
- Zuletzt bearbeitet 21.11.2024 05:13:12
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoadForm function.
CVE-2020-22226
- EPSS 0.26%
- Veröffentlicht 05.11.2021 23:15:08
- Zuletzt bearbeitet 21.11.2024 05:13:12
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionSetAmount function.
CVE-2020-22222
- EPSS 0.24%
- Veröffentlicht 05.11.2021 23:15:07
- Zuletzt bearbeitet 21.11.2024 05:13:12
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the pjActionLoadCss function.
CVE-2020-22223
- EPSS 0.26%
- Veröffentlicht 05.11.2021 23:15:07
- Zuletzt bearbeitet 21.11.2024 05:13:12
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoad function.