Phpjabbers Fundraising Script vulnerabilities
7 known vulnerabilities affecting phpjabbers/fundraising_script.
Total CVEs
7
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL4MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2023-40751P3MEDIUMCVSS 6.1PoCv1.02023-08-28
CVE-2023-40751 [MEDIUM] CWE-79 CVE-2023-40751: PHPJabbers Fundraising Script v1.0 is vulnerable to Cross Site Scripting (XSS) via the "action" para
PHPJabbers Fundraising Script v1.0 is vulnerable to Cross Site Scripting (XSS) via the "action" parameter of index.php.
nvd
CVE-2020-22226P3CRITICALCVSS 9.8v1.02021-11-05
CVE-2020-22226 [CRITICAL] CWE-89 CVE-2020-22226: Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerabili
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionSetAmount function.
nvd
CVE-2020-22225P3CRITICALCVSS 9.8v1.02021-11-05
CVE-2020-22225 [CRITICAL] CWE-89 CVE-2020-22225: Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerabili
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoadForm function.
nvd
CVE-2020-22223P3CRITICALCVSS 9.8v1.02021-11-05
CVE-2020-22223 [CRITICAL] CWE-89 CVE-2020-22223: Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerabili
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoad function.
nvd
CVE-2023-40762P3CRITICALCVSS 9.8v1.02023-08-28
CVE-2023-40762 [CRITICAL] CWE-209 CVE-2023-40762: User enumeration is found in PHPJabbers Fundraising Script v1.0. This issue occurs during password r
User enumeration is found in PHPJabbers Fundraising Script v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
nvd
CVE-2020-22222P4MEDIUMCVSS 6.1v1.02021-11-05
CVE-2020-22222 [MEDIUM] CWE-79 CVE-2020-22222: Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a cross-site scripting (XSS
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the pjActionLoadCss function.
nvd
CVE-2020-22224P4MEDIUMCVSS 6.1v1.02021-11-05
CVE-2020-22224 [MEDIUM] CWE-79 CVE-2020-22224: Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a cross-site scripting (XSS
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the pjActionPreview function.
nvd