Skip to main content

Callback Widget

5 CVEs product

Monthly

CVE-2023-40756 CRITICAL Act Now

User enumeration is found in PHPJabbers Callback Widget v1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Callback Widget
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-40755 MEDIUM POC This Month

There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Callback Widget v1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Callback Widget
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2023-36315 MEDIUM This Month

There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Callback Widget
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-36314 MEDIUM This Month

There is a Cross Site Scripting (XSS) vulnerability in the value-text-o_sms_email_request_message parameters of index.php in PHPJabbers Callback Widget v1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Callback Widget
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-36312 MEDIUM This Month

There is a Cross Site Scripting (XSS) vulnerability in the value-enum-o_bf_include_timezone parameter of index.php in PHPJabbers Callback Widget v1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Callback Widget
NVD
CVSS 3.1
5.4
EPSS
0.4%
EPSS 1% CVSS 9.8
CRITICAL Act Now

User enumeration is found in PHPJabbers Callback Widget v1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Callback Widget
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Callback Widget v1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Callback Widget
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Callback Widget
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

There is a Cross Site Scripting (XSS) vulnerability in the value-text-o_sms_email_request_message parameters of index.php in PHPJabbers Callback Widget v1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Callback Widget
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

There is a Cross Site Scripting (XSS) vulnerability in the value-enum-o_bf_include_timezone parameter of index.php in PHPJabbers Callback Widget v1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Callback Widget
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy