PHPJabbers Limo Booking Software 1.0 is vulnerable to Cross Site Request Forgery (CSRF) to add an admin user via the Add Users Function, aka an index.php?controller=pjAdminUsers&action=pjActionCreate URI.
References
Link | Resource |
---|---|
https://github.com/MinoTauro2020/CVE-2023-43147/ | Exploit Third Party Advisory |
Configurations
History
18 Oct 2023, 18:54
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:phpjabbers:limo_booking_software:1.0:*:*:*:*:*:*:* | |
References | (MISC) https://github.com/MinoTauro2020/CVE-2023-43147/ - Exploit, Third Party Advisory | |
CWE | CWE-352 | |
First Time |
Phpjabbers
Phpjabbers limo Booking Software |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
12 Oct 2023, 18:15
Type | Values Removed | Values Added |
---|---|---|
Summary | PHPJabbers Limo Booking Software 1.0 is vulnerable to Cross Site Request Forgery (CSRF) to add an admin user via the Add Users Function, aka an index.php?controller=pjAdminUsers&action=pjActionCreate URI. | |
References |
|
|
12 Oct 2023, 16:52
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-10-12 16:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-43147
Mitre link : CVE-2023-43147
CVE.ORG link : CVE-2023-43147
JSON object : View
Products Affected
phpjabbers
- limo_booking_software
CWE
CWE-352
Cross-Site Request Forgery (CSRF)