Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Phpjabbers Subscribe
Filtered by product Callback Widget
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-40756 1 Phpjabbers 1 Callback Widget 2024-11-21 N/A 9.8 CRITICAL
User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
CVE-2023-40755 1 Phpjabbers 1 Callback Widget 2024-11-21 N/A 6.1 MEDIUM
There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Callback Widget v1.0.
CVE-2023-36315 1 Phpjabbers 1 Callback Widget 2024-11-21 N/A 6.1 MEDIUM
There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0.
CVE-2023-36314 1 Phpjabbers 1 Callback Widget 2024-11-21 N/A 6.1 MEDIUM
There is a Cross Site Scripting (XSS) vulnerability in the value-text-o_sms_email_request_message parameters of index.php in PHPJabbers Callback Widget v1.0.
CVE-2023-36312 1 Phpjabbers 1 Callback Widget 2024-11-21 N/A 5.4 MEDIUM
There is a Cross Site Scripting (XSS) vulnerability in the value-enum-o_bf_include_timezone parameter of index.php in PHPJabbers Callback Widget v1.0.

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024