Phpjabbers Security Vulnerabilities (CVEs)
Track 62 security vulnerabilities affecting Phpjabbers products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
PHPJabbers Simple CMS 5.0 contains a stored cross-site scripting (XSS) vulnerability that allows authenticated attackers to inject malicious JavaScrip...
Dec 17, 2025PHPJabbers Simple CMS 5.0 contains a SQL injection vulnerability in the 'column' parameter that allows remote attackers to execute arbitrary SQL comma...
Dec 17, 2025Bus Reservation System 1.1 contains a SQL injection vulnerability in the pickup_id parameter that allows attackers to execute arbitrary SQL queries. T...
Dec 15, 2025This vulnerability allows attackers to inject malicious scripts into the PHPJabbers Restaurant Menu Maker application through the theme parameter in /...
Sep 23, 2025PHPJabbers Cleaning Business Software v1.0 contains stored cross-site scripting vulnerabilities in the 'c_name' and 'name' parameters. Attackers can i...
May 8, 2025CVE-2023-51336 is a CSV injection vulnerability in PHPJabbers Meeting Room Booking System v1.0 that allows attackers to execute remote code by injecti...
Feb 20, 2025PHPJabbers Event Ticketing System v1.0 contains a reflected cross-site scripting vulnerability in the 'lid' parameter of the index page. This allows a...
Feb 20, 2025This vulnerability allows attackers to send excessive password reset emails to legitimate users by exploiting missing rate limiting in the 'Forgot Pas...
Feb 20, 2025PHPJabbers Cinema Booking System v1.0 has a CSV injection vulnerability that allows attackers to execute arbitrary code on the server. This affects ad...
Feb 20, 2025This vulnerability allows attackers to send excessive password reset emails to legitimate users by exploiting missing rate limiting in the 'Forgot Pas...
Feb 20, 2025This vulnerability allows attackers to send excessive password reset emails to legitimate users by exploiting missing rate limiting in the Forgot Pass...
Feb 20, 2025PHPJabbers Shared Asset Booking System v1.0 contains stored cross-site scripting vulnerabilities in the 'title' and 'name' parameters. This allows att...
Feb 20, 2025This vulnerability allows attackers to send excessive password reset emails to legitimate users by exploiting missing rate limiting in the Forgot Pass...
Feb 20, 2025PHPJabbers Cleaning Business Software v1.0 has a CSV injection vulnerability that allows attackers to execute arbitrary code when malicious CSV files ...
Feb 20, 2025PHPJabbers Restaurant Booking System v3.0 contains multiple HTML injection vulnerabilities in various parameters, allowing attackers to inject malicio...
Feb 20, 2025CVE-2023-51319 is a CSV injection vulnerability in PHPJabbers Bus Reservation System v1.1 that allows attackers to execute arbitrary code through mali...
Feb 20, 2025PHPJabbers Night Club Booking Software v1.0 has a CSV injection vulnerability in the Languages section Labels parameters field that allows attackers t...
Feb 20, 2025CVE-2023-51311 is a CSV injection vulnerability in PHPJabbers Car Park Booking System v3.0 that allows attackers to execute remote code by exploiting ...
Feb 20, 2025PHPJabbers Restaurant Booking System v3.0 contains a reflected cross-site scripting vulnerability in the Schedule section's date parameter. Attackers ...
Feb 20, 2025PHPJabbers Restaurant Booking System v3.0 has a CSV injection vulnerability that allows attackers to execute arbitrary code on the server. The vulnera...
Feb 20, 2025This vulnerability allows attackers to send excessive password reset and email change requests to legitimate users, potentially causing denial of serv...
Feb 20, 2025PHPJabbers Restaurant Booking System v3.0 contains multiple stored cross-site scripting (XSS) vulnerabilities in several parameters (seat_name, plugin...
Feb 20, 2025This vulnerability allows attackers to abuse the 'Forgot Password' feature in PHPJabbers Bus Reservation System v1.1 by sending excessive password res...
Feb 20, 2025PHPJabbers Event Ticketing System v1.0 contains stored cross-site scripting vulnerabilities in the 'name' and 'title' parameters. Attackers can inject...
Feb 20, 2025This vulnerability in PHPJabbers Car Park Booking System allows attackers to send excessive emails through the Email Settings feature due to missing r...
Feb 20, 2025PHPJabbers Event Ticketing System v1.0 contains multiple HTML injection vulnerabilities in several parameters (lid, name, plugin_sms_api_key, plugin_s...
Feb 19, 2025PHPJabbers Hotel Booking System v4.0 contains multiple cross-site scripting (XSS) vulnerabilities in various parameters that allow attackers to inject...
Feb 19, 2025This vulnerability allows attackers to send unlimited password reset requests for legitimate users in PHPJabbers Hotel Booking System v4.0, potentiall...
Feb 19, 2025PHPJabbers Hotel Booking System v4.0 has a CSV injection vulnerability that allows attackers to execute arbitrary code when malicious CSV files are pr...
Feb 19, 2025PHPJabbers Event Booking Calendar v4.0 has a CSV injection vulnerability that allows attackers to inject malicious formulas into exported CSV files. W...
Feb 19, 2025This vulnerability allows attackers to send excessive password reset or email change requests to legitimate users, potentially causing email denial-of...
Feb 19, 2025PHPJabbers Event Booking Calendar v4.0 contains a cross-site scripting vulnerability in multiple parameters that allows attackers to inject malicious ...
Feb 19, 2025PHPJabbers Cinema Booking System v2.0 contains reflected cross-site scripting vulnerabilities where multiple endpoints fail to properly sanitize user ...
Feb 6, 2025A stored cross-site scripting vulnerability in PHPJabbers Cinema Booking System v2.0 allows attackers to inject malicious JavaScript through file uplo...
Feb 6, 2025An SQL injection vulnerability in PHPJabbers Cinema Booking System v2.0 allows attackers to manipulate database queries through the column parameter i...
Feb 6, 2025This vulnerability in Appointment Scheduler 3.0 allows attackers to send unlimited AJAX requests to the pjActionAjaxSend endpoint, causing resource ex...
Dec 7, 2023Shuttle Booking Software 2.0 contains a CSV injection vulnerability in the Languages export functionality. This allows attackers to inject malicious f...
Dec 7, 2023This vulnerability in Time Slots Booking Calendar 4.0 allows attackers to send unlimited AJAX requests to the pjActionAJaxSend endpoint, causing resou...
Dec 7, 2023Car Rental Script v3.0 contains a CSV injection vulnerability in the Language > Labels > Export functionality. This allows attackers to inject malicio...
Dec 7, 2023Time Slots Booking Calendar 4.0 contains a CSV injection vulnerability in the unique ID field of the Reservations List. This allows attackers to injec...
Dec 7, 2023CVE-2023-48207 is a CSV injection vulnerability in Availability Booking Calendar 5.0 that allows attackers to inject malicious formulas into exported ...
Dec 7, 2023CVE-2023-36127 is a user enumeration vulnerability in PHPJabbers Appointment Scheduler 3.0 that allows attackers to determine valid usernames via pass...
Oct 10, 2023CVE-2023-43274 is an SQL injection vulnerability in Phpjabbers PHP Shopping Cart 4.2 that allows attackers to execute arbitrary SQL commands via the i...
Sep 21, 2023CVE-2023-36140 is a critical authentication vulnerability in PHPJabbers Cleaning Business Software 1.0 where user passwords are stored without encrypt...
Sep 11, 2023CVE-2023-41539 is an SQL injection vulnerability in phpjabbers Business Directory Script that allows attackers to execute arbitrary SQL commands via t...
Aug 30, 2023This vulnerability in PHPJabbers Callback Widget v1.0 allows attackers to enumerate valid user accounts through differences in password recovery messa...
Aug 28, 2023This vulnerability in PHPJabbers Document Creator v1.0 allows attackers to enumerate valid user accounts through the password recovery feature. By obs...
Aug 28, 2023This vulnerability in PHP Jabbers Hotel Booking System v4.0 allows attackers to enumerate valid user accounts through password recovery functionality....
Aug 28, 2023This vulnerability in PHPJabbers Fundraising Script v1.0 allows attackers to enumerate valid user accounts through the password recovery feature. By o...
Aug 28, 2023This vulnerability in PHP Jabbers Car Rental Script v3.0 allows attackers to enumerate valid user accounts through the password recovery feature. By o...
Aug 28, 2023Why Monitor Phpjabbers Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 62+ known vulnerabilities affecting Phpjabbers products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Phpjabbers packages in under 60 seconds. No agents required - completely agentless scanning that works across Phpjabbers deployments.
Free vulnerability database: Access detailed information about every Phpjabbers CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Phpjabbers CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
