CVE-2023-4113

PHP Jabbers Service Booking Script index.php cross site scripting

CVSS 4.3 MEDIUMEPSS 5.2%CWE-79

A vulnerability was found in PHP Jabbers Service Booking Script 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument index leads to cross site scripting. The attack can be initiated remotely. The identifier of this vulnerability is VDB-235960. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected products

PHP Jabbers · Service Booking Script

public PoCs found — 2

cve_referencepacketstormsecurity.com/files/173931/PHPJabbers-Service-Booking-Script-1.0-Cross-Site-Scripting.htmlunverified exploitdbwww.exploit-db.com/exploits/51649unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.com/files/173931/PHPJabbers-Service-Booking-Script-1.0-Cross-Site-Scripting.html https://vuldb.com/?ctiid.235960 https://vuldb.com/?id.235960