Phpjabbers Make An Offer Widget vulnerabilities
2 known vulnerabilities affecting phpjabbers/make_an_offer_widget.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-40752P3MEDIUMCVSS 6.1PoCv1.02023-08-28
CVE-2023-40752 [MEDIUM] CWE-79 CVE-2023-40752: There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJab
There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Make an Offer Widget v1.0.
nvd
CVE-2023-40767P3CRITICALCVSS 9.8v1.02023-08-28
CVE-2023-40767 [CRITICAL] CWE-209 CVE-2023-40767: User enumeration is found in in PHPJabbers Make an Offer Widget v1.0. This issue occurs during passw
User enumeration is found in in PHPJabbers Make an Offer Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
nvd