CVE-2023-51313

HIGH Year: 2023
CVSS v3 Score
8.8
High
Weakness Type
CWE-94
View all →

Vulnerability Description

PHPJabbers Restaurant Booking System v3.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file.

Related Vulnerabilities

CVE-2009-1547

HIGH
CVSS:8.8(High)

Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream header that triggers memory corruption, a...

CWE-942009

CVE-2011-1265

HIGH
CVSS:8.8(High)

The Bluetooth Stack 2.1 in Microsoft Windows Vista SP1 and SP2 and Windows 7 Gold and SP1 does not prevent access to objects in memory that (1) were not properly initialized or (2) have been deleted, ...

CWE-942011

CVE-2011-1830

HIGH
CVSS:8.8(High)

Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so.

CWE-942011

CVE-2012-0158

HIGH
CVSS:8.8(High)

The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2...

CWE-942012

CVE-2012-0175

HIGH
CVSS:8.8(High)

The Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitr...

CWE-942012

CVE-2014-4000

HIGH
CVSS:8.8(High)

Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserialize(stripslashes...

CWE-942014