Skip to main content

Yacht Listing Script

3 CVEs product

Monthly

CVE-2023-40761 CRITICAL Act Now

User enumeration is found in PHPJabbers Yacht Listing Script v2.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Yacht Listing Script
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-40750 MEDIUM POC This Month

There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Yacht Listing Script v1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Yacht Listing Script
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2023-38830 HIGH This Week

An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients' credit card numbers from the Reservations module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Yacht Listing Script
NVD
CVSS 3.1
7.5
EPSS
0.6%
EPSS 1% CVSS 9.8
CRITICAL Act Now

User enumeration is found in PHPJabbers Yacht Listing Script v2.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Yacht Listing Script
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Yacht Listing Script v1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Yacht Listing Script
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients' credit card numbers from the Reservations module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Yacht Listing Script
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy