CVE-2023-51320

MEDIUM Year: 2023
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-94
View all →

Vulnerability Description

PHPJabbers Night Club Booking Software v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file.

Related Vulnerabilities

CVE-2014-8677

MEDIUM
CVSS:5.3(Medium)

The installation process for SOPlanning 1.32 and earlier allows remote authenticated users with a prepared database, and access to an existing database with a crafted name, or permissions to create ar...

CWE-942014

CVE-2015-5970

MEDIUM
CVSS:5.3(Medium)

The ChangePassword RPC method in Novell ZENworks Configuration Management (ZCM) 11.3 and 11.4 allows remote attackers to conduct XPath injection attacks, and read arbitrary text files, via a malformed...

CWE-942015

CVE-2019-3652

MEDIUM
CVSS:5.3(Medium)

Code Injection vulnerability in EPSetup.exe in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to get their malicious code installed by the ENS installer via code ...

CWE-942019

CVE-2022-0578

MEDIUM
CVSS:5.3(Medium)

Code Injection in GitHub repository publify/publify prior to 9.2.8.

CWE-942022

CVE-2023-39333

MEDIUM
CVSS:5.3(Medium)

Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may be able to access data and functions that the WebAssembly module itself does not ha...

CWE-942023

CVE-2023-43792

MEDIUM
CVSS:5.3(Medium)

baserCMS is a website development framework. In versions 4.6.0 through 4.7.6, there is a Code Injection vulnerability in the mail form of baserCMS. As of time of publication, no known patched versions...

CWE-942023