Vulnerabilities (CVE)

Filtered by vendor Phpjabbers Subscribe
Filtered by product Document Creator
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-40758 1 Phpjabbers 1 Document Creator 2024-11-21 N/A 9.8 CRITICAL
User enumeration is found in PHPJabbers Document Creator v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
CVE-2023-36313 1 Phpjabbers 1 Document Creator 2024-11-21 N/A 6.1 MEDIUM
PHPJabbers Document Creator v1.0 is vulnerable to Cross Site Scripting (XSS) via all post parameters of "Export Requests" aside from "request_feed".
CVE-2023-36311 1 Phpjabbers 1 Document Creator 2024-11-21 N/A 9.8 CRITICAL
There is a SQL injection (SQLi) vulnerability in the "column" parameter of index.php in PHPJabbers Document Creator v1.0.
CVE-2023-36310 1 Phpjabbers 1 Document Creator 2024-11-21 N/A 6.1 MEDIUM
There is a Cross Site Scripting (XSS) vulnerability in the "column" parameter of index.php in PHPJabbers Document Creator v1.0.
CVE-2023-36309 1 Phpjabbers 1 Document Creator 2024-11-21 N/A 6.1 MEDIUM
There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Document Creator v1.0.