Skip to main content

Class Scheduling System

7 CVEs product

Monthly

CVE-2023-36136 MEDIUM This Month

PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user account (update user page) allowing an attacker to capture all user names and passwords in clear text. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Class Scheduling System
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2023-36137 MEDIUM This Month

There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Class Scheduling System 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Class Scheduling System
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-36135 HIGH This Week

User enumeration is found in in PHPJabbers Class Scheduling System v1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Class Scheduling System
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-36134 CRITICAL Act Now

In PHP Jabbers Class Scheduling System 1.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure PHP Class Scheduling System
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2023-2826 MEDIUM POC This Month

A vulnerability has been found in SourceCodester Class Scheduling System 1.0 and classified as problematic. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Class Scheduling System
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.7%
CVE-2023-2823 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Class Scheduling System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Class Scheduling System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-2814 MEDIUM POC This Month

A vulnerability classified as problematic has been found in SourceCodester Class Scheduling System 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Class Scheduling System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.6%
EPSS 0% CVSS 6.5
MEDIUM This Month

PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user account (update user page) allowing an attacker to capture all user names and passwords in clear text. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Class Scheduling System
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Class Scheduling System 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Class Scheduling System
NVD
EPSS 0% CVSS 7.5
HIGH This Week

User enumeration is found in in PHPJabbers Class Scheduling System v1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Class Scheduling System
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

In PHP Jabbers Class Scheduling System 1.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure PHP Class Scheduling System
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

A vulnerability has been found in SourceCodester Class Scheduling System 1.0 and classified as problematic. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Class Scheduling System
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability was found in SourceCodester Class Scheduling System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Class Scheduling System
NVD GitHub VulDB
EPSS 1% CVSS 6.1
MEDIUM POC This Month

A vulnerability classified as problematic has been found in SourceCodester Class Scheduling System 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Class Scheduling System
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy