RSS   Vulnerabilities for 'Time slots booking calendar'   RSS

2023-12-07
 
CVE-2023-48826

CWE-74
 

 
Time Slots Booking Calendar 4.0 is vulnerable to CSV Injection via the unique ID field of the Reservations List.

 
 
CVE-2023-48827

CWE-79
 

 
Time Slots Booking Calendar 4.0 is vulnerable to Multiple HTML Injection issues via the name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, or customer_name parameter.

 
 
CVE-2023-48828

CWE-79
 

 
Time Slots Booking Calendar 4.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) issues via the name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, or customer_name parameter.

 
 
CVE-2023-48833

CWE-400
 

 
A lack of rate limiting in pjActionAJaxSend in Time Slots Booking Calendar 4.0 allows attackers to cause resource exhaustion.

 

 >>> Vendor: Phpjabbers 9 Products
Vacation rental script
Appointment scheduler
Event booking calendar
Rate me
Car rental script
Fundraising script
Time slots booking calendar
Availability booking calendar
Shuttle booking software


Copyright 2024, cxsecurity.com

 

Back to Top