Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Phpjabbers Subscribe
Filtered by product Make An Offer Widget
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-40752 1 Phpjabbers 1 Make An Offer Widget 2024-02-28 N/A 6.1 MEDIUM
There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Make an Offer Widget v1.0.
CVE-2023-40767 1 Phpjabbers 1 Make An Offer Widget 2024-02-28 N/A 9.8 CRITICAL
User enumeration is found in in PHPJabbers Make an Offer Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024