CVE-2023-53926

High CVSS: 8.7

PHPJabbers Simple CMS 5.0 contains a SQL injection vulnerability in the 'column' parameter that allows remote attackers to manipulate database queries. Attackers can inject crafted SQL payloads through the 'column' parameter in the index.php endpoint to potentially extract or modify database information.

Vendor

Phpjabbers

Product

Simple Cms

CWE

CWE-89

Yayın Tarihi

2025-12-17 23:15:51

Güncelleme

2025-12-24 18:03:04

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-89 Simple Cms HIGH Phpjabbers 2025

Referanslar

https://www.exploit-db.com/exploits/51416 https://www.phpjabbers.com/faq.php https://www.vulncheck.com/advisories/phpjabbers-simple-cms-sql-injection-via-column-parameter

Benzer Kayıtlar

Medium

CVE-2023-53927

PHPJabbers Simple CMS 5.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to in…

Critical

CVE-2023-53877

Bus Reservation System 1.1 contains a SQL injection vulnerability in the pickup_id parameter that allows attackers to ma…

Medium

CVE-2025-10827

A weakness has been identified in PHPJabbers Restaurant Menu Maker up to 1.1. Affected by this issue is some unknown fun…

Medium

CVE-2023-51295

PHPJabbers Event Booking Calendar v4.0 is vulnerable to Multiple HTML Injection in the "name, plugin_sms_api_key, plugin…

Medium

CVE-2023-51328

PHPJabbers Cleaning Business Software v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the "c_name, n…

High

CVE-2023-51336

PHPJabbers Meeting Room Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to exe…