CVE-2023-53877

Critical CVSS: 9.3

Bus Reservation System 1.1 contains a SQL injection vulnerability in the pickup_id parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, and time-based blind SQL injection techniques to steal information from the database.

Vendor

Phpjabbers

Product

Bus Reservation System

CWE

CWE-89

Yayın Tarihi

2025-12-15 21:15:50

Güncelleme

2025-12-18 22:36:03

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-89 Bus Reservation System CRITICAL Phpjabbers 2025

Referanslar

https://www.exploit-db.com/exploits/51712 https://www.phpjabbers.com/bus-reservation-system/ https://www.vulncheck.com/advisories/bus-reservation-system-multiple-sql-injection-via-pickupid-parameter

Benzer Kayıtlar

Medium

CVE-2023-53927

PHPJabbers Simple CMS 5.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to in…

High

CVE-2023-53926

PHPJabbers Simple CMS 5.0 contains a SQL injection vulnerability in the 'column' parameter that allows remote attackers…

Medium

CVE-2025-10827

A weakness has been identified in PHPJabbers Restaurant Menu Maker up to 1.1. Affected by this issue is some unknown fun…

Medium

CVE-2023-51295

PHPJabbers Event Booking Calendar v4.0 is vulnerable to Multiple HTML Injection in the "name, plugin_sms_api_key, plugin…

Medium

CVE-2023-51328

PHPJabbers Cleaning Business Software v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the "c_name, n…

High

CVE-2023-51336

PHPJabbers Meeting Room Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to exe…