Fundraising Script
by Phpjabbers
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-40751 | 0.00 | — | 0.01 | Aug 28, 2023 | PHPJabbers Fundraising Script v1.0 is vulnerable to Cross Site Scripting (XSS) via the "action" parameter of index.php. | |||
| CVE-2023-40762 | 0.00 | — | 0.01 | Aug 28, 2023 | User enumeration is found in PHPJabbers Fundraising Script v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users. | |||
| CVE-2020-22226 | 0.00 | — | 0.01 | Nov 5, 2021 | Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionSetAmount function. | |||
| CVE-2020-22225 | 0.00 | — | 0.01 | Nov 5, 2021 | Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoadForm function. | |||
| CVE-2020-22224 | 0.00 | — | 0.01 | Nov 5, 2021 | Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the pjActionPreview function. | |||
| CVE-2020-22223 | 0.00 | — | 0.01 | Nov 5, 2021 | Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoad function. | |||
| CVE-2020-22222 | 0.00 | — | 0.01 | Nov 5, 2021 | Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the pjActionLoadCss function. |
- CVE-2023-40751Aug 28, 2023risk 0.00cvss —epss 0.01
PHPJabbers Fundraising Script v1.0 is vulnerable to Cross Site Scripting (XSS) via the "action" parameter of index.php.
- CVE-2023-40762Aug 28, 2023risk 0.00cvss —epss 0.01
User enumeration is found in PHPJabbers Fundraising Script v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
- CVE-2020-22226Nov 5, 2021risk 0.00cvss —epss 0.01
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionSetAmount function.
- CVE-2020-22225Nov 5, 2021risk 0.00cvss —epss 0.01
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoadForm function.
- CVE-2020-22224Nov 5, 2021risk 0.00cvss —epss 0.01
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the pjActionPreview function.
- CVE-2020-22223Nov 5, 2021risk 0.00cvss —epss 0.01
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoad function.
- CVE-2020-22222Nov 5, 2021risk 0.00cvss —epss 0.01
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the pjActionLoadCss function.