Search Results | AttackerKB

Show filters

Topics 3 Users 9,710

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

3 Total Results

Displaying 1-3 of 3

Attacker Value

Unknown

CVE-2023-40766

Disclosure Date: August 28, 2023 (last updated October 08, 2023)

User enumeration is found in in PHPJabbers Ticket Support Script v3.2. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-40753

Disclosure Date: August 28, 2023 (last updated October 08, 2023)

There is a Cross Site Scripting (XSS) vulnerability in the message parameter of index.php in PHPJabbers Ticket Support Script v3.2.

Attack Vector: Network Privileges: Low User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-39776

Disclosure Date: August 10, 2023 (last updated October 08, 2023)

A File Upload vulnerability in PHPJabbers Ticket Support Script v3.2 allows attackers to execute arbitrary code via uploading a crafted file.

Attack Vector: Network Privileges: None User Interaction: None

0