Phpjabbers Luki w zabezpieczeniach

Oś czasu

Rodzaj

Produkt

PHPJabbers PHP Newsletter Script2
PHPJabbers File Sharing Script2
PHPJabbers Script2
PHPJabbers Appointment Scheduler2
PHPJabbers Star Rating Script2

Przeciwdziałanie

Official Fix0
Temporary Fix0
Workaround0
Unavailable0
Not Defined10

Wykorzystywanie

High0
Functional0
Proof-of-Concept2
Unproven0
Not Defined8

Wektor dostępu

Not Defined0
Physical0
Local0
Adjacent0
Network10

Uwierzytelnianie

Not Defined0
High0
Low0
None10

Interakcja z użytkownikiem

Not Defined0
Required10
None0

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤40
≤50
≤66
≤74
≤80
≤90
≤100

CVSSv3 Temp

≤10
≤20
≤30
≤40
≤50
≤68
≤72
≤80
≤90
≤100

VulDB

≤10
≤20
≤30
≤40
≤56
≤60
≤74
≤80
≤90
≤100

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤76
≤80
≤90
≤100

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Sprzedawca

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploit 0-day

<1k6
<2k4
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Wykorzystaj dzisiaj

<1k10
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Wykorzystaj wielkość rynku

🔴 CTI Zajęcia

Affected Products (7): Appointment Scheduler (3), Event Booking Calendar (2), File Sharing Script (1), Night Club Booking Software (1), PHP Newsletter Script (1), Script (1), Star Rating Script (1)

OpublikowanoBaseTempSłaby punktProdWykPrzCTIEPSSCVE
2020-12-163.53.5PHPJabbers Appointment Scheduler Admin Login Page index.php cross site scriptingAppointment SoftwareNot DefinedNot Defined0.000.00280CVE-2020-35416
2017-12-305.25.2PHPJabbers File Sharing Script Comment Stored cross site scriptingNieznanyNot DefinedNot Defined0.000.00079CVE-2017-12813
2017-12-305.25.2PHPJabbers Night Club Booking Software Reservations Tab Stored cross site scriptingNieznanyNot DefinedNot Defined0.000.00079CVE-2017-12812
2017-12-305.25.2PHPJabbers Star Rating Script Rating Item Stored cross site scriptingFeedback SoftwareNot DefinedNot Defined0.000.00079CVE-2017-12811
2017-12-305.25.2PHPJabbers PHP Newsletter Script Admin Panel Stored cross site scriptingProgramming Language SoftwareNot DefinedNot Defined0.020.00079CVE-2017-12810
2015-01-137.37.3PHPJabbers Event Booking Calendar load-calendar.php sql injectionCalendar SoftwareNot DefinedNot Defined0.000.00130CVE-2014-10015
2015-01-136.36.3PHPJabbers Event Booking Calendar cross site request forgeryCalendar SoftwareNot DefinedNot Defined0.000.00422CVE-2014-10014
2015-01-135.35.0PHPJabbers Appointment Scheduler directory traversalAppointment SoftwareProof-of-ConceptNot Defined0.000.01005CVE-2014-10010
2015-01-136.36.0PHPJabbers Appointment Scheduler cross site request forgeryAppointment SoftwareProof-of-ConceptNot Defined0.000.00693CVE-2014-10001
2012-08-146.36.3PHPJabbers Script Administrator Account index.php cross site request forgeryNieznanyNot DefinedNot Defined0.000.00372CVE-2012-4324

Do you know our Splunk app?

Download it now for free!