Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Phpjabbers

Source -

CNA

BOS Name -

PHPJabbers Ltd.

CNA CVEs -

2

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated ProductsRelated AssignersReports
2Vulnerabilities found
CVE-2023-53878
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-7.3||HIGH
EPSS-0.07% / 20.19%
||
7 Day CHG~0.00%
Published-15 Dec, 2025 | 20:28
Updated-16 Dec, 2025 | 14:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Member Login Script 3.3 Client-Side Request Desynchronization Vulnerability

Member Login Script 3.3 contains a client-side desynchronization vulnerability that allows attackers to manipulate HTTP request handling by exploiting Content-Length header parsing. Attackers can send crafted POST requests with smuggled secondary requests to potentially bypass server-side request processing controls.

Action-Not Available
Vendor-PHPJabbers Ltd.
Product-Member Login Script
CWE ID-CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVE-2023-53877
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.04% / 13.47%
||
7 Day CHG~0.00%
Published-15 Dec, 2025 | 20:28
Updated-18 Dec, 2025 | 22:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Bus Reservation System 1.1 Multiple SQL Injection via pickup_id Parameter

Bus Reservation System 1.1 contains a SQL injection vulnerability in the pickup_id parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, and time-based blind SQL injection techniques to steal information from the database.

Action-Not Available
Vendor-PHPJabbers Ltd.
Product-bus_reservation_systemBus Reservation System
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')