CVE-2023-43147

PHPJabbers Limo Booking Software 1.0 is vulnerable to Cross Site Request Forgery (CSRF) to add an admin user via the Add Users Function, aka an index.php?controller=pjAdminUsers&action=pjActionCreate URI.
References
Link Resource
https://github.com/MinoTauro2020/CVE-2023-43147/ Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:phpjabbers:limo_booking_software:1.0:*:*:*:*:*:*:*

History

18 Oct 2023, 18:54

Type Values Removed Values Added
CPE cpe:2.3:a:phpjabbers:limo_booking_software:1.0:*:*:*:*:*:*:*
References (MISC) https://github.com/MinoTauro2020/CVE-2023-43147/ - (MISC) https://github.com/MinoTauro2020/CVE-2023-43147/ - Exploit, Third Party Advisory
CWE CWE-352
First Time Phpjabbers
Phpjabbers limo Booking Software
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.8

12 Oct 2023, 18:15

Type Values Removed Values Added
Summary PHPJabbers Limo Booking Software 1.0 is vulnerable to Cross Site Request Forgery (CSRF) via the Add Users Function, aka an index.php?controller=pjAdminUsers&action=pjActionCreate URI. PHPJabbers Limo Booking Software 1.0 is vulnerable to Cross Site Request Forgery (CSRF) to add an admin user via the Add Users Function, aka an index.php?controller=pjAdminUsers&action=pjActionCreate URI.
References
  • {'url': 'https://github.com/MinoTauro2020/CVE-2023-43148', 'name': 'https://github.com/MinoTauro2020/CVE-2023-43148', 'tags': [], 'refsource': 'MISC'}
  • (MISC) https://github.com/MinoTauro2020/CVE-2023-43147/ -

12 Oct 2023, 16:52

Type Values Removed Values Added
New CVE

Information

Published : 2023-10-12 16:15

Updated : 2024-02-28 20:33


NVD link : CVE-2023-43147

Mitre link : CVE-2023-43147

CVE.ORG link : CVE-2023-43147


JSON object : View

Products Affected

phpjabbers

  • limo_booking_software
CWE
CWE-352

Cross-Site Request Forgery (CSRF)