CVE-2023-53927

Medium CVSS: 5.1

PHPJabbers Simple CMS 5.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through section name parameters. Attackers can create sections with embedded JavaScript payloads that will execute when administrators view the sections, potentially enabling client-side code execution.

Vendor

Phpjabbers

Product

Simple Cms

CWE

CWE-79

Yayın Tarihi

2025-12-17 23:15:52

Güncelleme

2025-12-27 17:15:44

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-79 Simple Cms MEDIUM Phpjabbers 2025

Referanslar

https://www.exploit-db.com/exploits/51415 https://www.phpjabbers.com/ https://www.vulncheck.com/advisories/phpjabbers-simple-cms-stored-cross-site-scripting-via-section-creation https://www.exploit-db.com/exploits/51415

Benzer Kayıtlar

High

CVE-2023-53926

PHPJabbers Simple CMS 5.0 contains a SQL injection vulnerability in the 'column' parameter that allows remote attackers…

Critical

CVE-2023-53877

Bus Reservation System 1.1 contains a SQL injection vulnerability in the pickup_id parameter that allows attackers to ma…

Medium

CVE-2025-10827

A weakness has been identified in PHPJabbers Restaurant Menu Maker up to 1.1. Affected by this issue is some unknown fun…

Medium

CVE-2023-51295

PHPJabbers Event Booking Calendar v4.0 is vulnerable to Multiple HTML Injection in the "name, plugin_sms_api_key, plugin…

Medium

CVE-2023-51328

PHPJabbers Cleaning Business Software v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the "c_name, n…

High

CVE-2023-51336

PHPJabbers Meeting Room Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to exe…