Phpjabbers Ticket Support Script vulnerabilities
3 known vulnerabilities affecting phpjabbers/ticket_support_script.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-39776P3CRITICALCVSS 9.8v3.22023-08-10
CVE-2023-39776 [CRITICAL] CWE-434 CVE-2023-39776: A File Upload vulnerability in PHPJabbers Ticket Support Script v3.2 allows attackers to execute arb
A File Upload vulnerability in PHPJabbers Ticket Support Script v3.2 allows attackers to execute arbitrary code via uploading a crafted file.
nvd
CVE-2023-40766P3CRITICALCVSS 9.8v3.22023-08-28
CVE-2023-40766 [CRITICAL] CWE-209 CVE-2023-40766: User enumeration is found in in PHPJabbers Ticket Support Script v3.2. This issue occurs during pass
User enumeration is found in in PHPJabbers Ticket Support Script v3.2. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
nvd
CVE-2023-40753P4MEDIUMCVSS 5.4PoCv3.22023-08-28
CVE-2023-40753 [MEDIUM] CWE-79 CVE-2023-40753: There is a Cross Site Scripting (XSS) vulnerability in the message parameter of index.php in PHPJabb
There is a Cross Site Scripting (XSS) vulnerability in the message parameter of index.php in PHPJabbers Ticket Support Script v3.2.
nvd