{"vulnerability": "CVE-2023-5133", "sightings": [{"uuid": "bd752e56-803e-4995-9ae9-d7126389c1ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51335", "type": "seen", "source": "https://t.me/cvedetector/18596", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-51335 - PHPJabbers Cinema Booking System Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2023-51335 \nPublished : Feb. 20, 2025, 6:15 p.m. | 1\u00a0hour, 21\u00a0minutes ago \nDescription : PHPJabbers Cinema Booking System v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the \"title, name\" parameters. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-20T20:41:32.000000Z"}, {"uuid": "69163946-c920-414b-bd42-4d7b6921363e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51333", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lin66z3xmn23", "content": "", "creation_timestamp": "2025-02-20T20:51:33.190458Z"}, {"uuid": "2ba0cbbe-9cd0-4667-a5f2-67b59515d4f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51335", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lin66zcxns2p", "content": "", "creation_timestamp": "2025-02-20T20:51:34.305206Z"}, {"uuid": "b84abad2-5174-42e4-9477-ebf28fc3bc52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51334", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lin66zjd4p2p", "content": "", "creation_timestamp": "2025-02-20T20:51:34.955446Z"}, {"uuid": "7f0e59eb-e028-43ae-a7e0-b4937e148ee3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51331", "type": "seen", "source": "MISP/9ca82492-7deb-4197-a6f1-191e121eef96", "content": "", "creation_timestamp": "2025-08-25T13:32:05.000000Z"}, {"uuid": "16aaed75-c5a2-4baf-99c7-c0c84b1fc645", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51331", "type": "seen", "source": "https://t.me/cvedetector/18573", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-51331 - PHPJabbers Cleaning Business Software CSV Injection Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2023-51331 \nPublished : Feb. 20, 2025, 4:15 p.m. | 1\u00a0hour, 16\u00a0minutes ago \nDescription : PHPJabbers Cleaning Business Software v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-20T19:00:44.000000Z"}, {"uuid": "1338354e-db4c-4089-ad61-8f9a4cf51c3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51339", "type": "seen", "source": "https://t.me/cvedetector/18582", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-51339 - PHPJabbers Event Ticketing System Email Flood DoS\", \n  \"Content\": \"CVE ID : CVE-2023-51339 \nPublished : Feb. 20, 2025, 7:15 p.m. | 22\u00a0minutes ago \nDescription : A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Event Ticketing System v1.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-20T20:41:15.000000Z"}, {"uuid": "02a17af9-7a80-4c80-a8f3-1e1ad5f3bf0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51338", "type": "seen", "source": "https://t.me/cvedetector/18581", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-51338 - PHPJabbers Meeting Room Booking System Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2023-51338 \nPublished : Feb. 20, 2025, 7:15 p.m. | 22\u00a0minutes ago \nDescription : PHPJabbers Meeting Room Booking System v1.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the \"title, name\" parameters of\u00a0index.php\u00a0page. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-20T20:41:12.000000Z"}, {"uuid": "629d1863-3f5d-4abd-928d-18b055b6a2ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51337", "type": "seen", "source": "https://t.me/cvedetector/18580", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-51337 - PHPJabbers Event Ticketing System Reflected Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2023-51337 \nPublished : Feb. 20, 2025, 7:15 p.m. | 22\u00a0minutes ago \nDescription : PHPJabbers Event Ticketing System v1.0 is vulnerable to Reflected Cross-Site Scripting (XSS) in \"lid\" parameter in index. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-20T20:41:11.000000Z"}, {"uuid": "a7161ad9-1037-46f2-91e3-ad46172a59ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51333", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114044549960307057", "content": "", "creation_timestamp": "2025-02-21T23:48:52.135487Z"}, {"uuid": "9500ea93-cba4-4182-a8a2-24500b10ce5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51336", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114044549996643767", "content": "", "creation_timestamp": "2025-02-21T23:48:53.227437Z"}, {"uuid": "440e9e8f-baaa-48ed-a05a-ba00aad752bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51333", "type": "seen", "source": "https://t.me/cvedetector/18594", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-51333 - PHPJabbers Cinema Booking System Remote Code Execution via CSV Injection\", \n  \"Content\": \"CVE ID : CVE-2023-51333 \nPublished : Feb. 20, 2025, 6:15 p.m. | 1\u00a0hour, 21\u00a0minutes ago \nDescription : PHPJabbers Cinema Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-20T20:41:30.000000Z"}, {"uuid": "faf56835-a385-4fc0-8b9b-b66d431ae206", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51334", "type": "seen", "source": "https://t.me/cvedetector/18595", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-51334 - PHPJabbers Cinema Booking System Email Flood Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-51334 \nPublished : Feb. 20, 2025, 6:15 p.m. | 1\u00a0hour, 21\u00a0minutes ago \nDescription : A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cinema Booking System v1.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-20T20:41:31.000000Z"}, {"uuid": "dc196636-ec01-479a-8c43-d3a5f388784d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51336", "type": "seen", "source": "https://t.me/cvedetector/18579", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-51336 - PHPJabbers Meeting Room Booking System CSV Injection Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2023-51336 \nPublished : Feb. 20, 2025, 7:15 p.m. | 22\u00a0minutes ago \nDescription : PHPJabbers Meeting Room Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-20T20:41:10.000000Z"}, {"uuid": "1aa94082-58a4-43dc-aeed-0fdacd0e4413", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51330", "type": "seen", "source": "https://t.me/cvedetector/18575", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-51330 - PHPJabbers Cinema Booking System Reflected XSS\", \n  \"Content\": \"CVE ID : CVE-2023-51330 \nPublished : Feb. 20, 2025, 4:15 p.m. | 1\u00a0hour, 16\u00a0minutes ago \nDescription : PHPJabbers Cinema Booking System v1.0 is vulnerable to Reflected Cross-Site Scripting (XSS) in Now Showing menu \"date\" parameter. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-20T19:00:46.000000Z"}, {"uuid": "d104c9a7-cab1-4816-b475-f9c45379a94c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51332", "type": "seen", "source": "https://t.me/cvedetector/18574", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-51332 - PHPJabbers Meeting Room Booking System Email DoS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-51332 \nPublished : Feb. 20, 2025, 4:15 p.m. | 1\u00a0hour, 16\u00a0minutes ago \nDescription : A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Meeting Room Booking System v1.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-20T19:00:45.000000Z"}, {"uuid": "e055c2aa-b395-4c88-a06d-1bd40f83c2f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51339", "type": "seen", "source": "Telegram/l2staJg81n9PyEVgyLyV45c1jkM3YPi_Joj41Cq6hTaSD5Iw", "content": "", "creation_timestamp": "2025-02-20T23:26:56.000000Z"}, {"uuid": "ba087e72-7238-4021-9fcd-cbecb5dfa971", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51339", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4952", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-51339\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Event Ticketing System v1.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages.\n\ud83d\udccf Published: 2025-02-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-21T17:52:58.816Z\n\ud83d\udd17 References:\n1. https://www.phpjabbers.com/event-ticketing-system/#sectionDemo\n2. https://packetstorm.news/files/id/176519", "creation_timestamp": "2025-02-21T18:19:11.000000Z"}, {"uuid": "c2f9c4cf-2ecd-4499-b02f-b7519522b13f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51331", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4986", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-51331\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: PHPJabbers Cleaning Business Software v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file.\n\ud83d\udccf Published: 2025-02-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-21T20:33:03.469Z\n\ud83d\udd17 References:\n1. https://www.phpjabbers.com/cleaning-business-software/#sectionDemo\n2. https://packetstorm.news/files/id/176509", "creation_timestamp": "2025-02-21T21:22:39.000000Z"}, {"uuid": "7b0517be-319e-4c16-bee0-8372b80760bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51338", "type": "seen", "source": "Telegram/qow4_lzzrT-fwmEHMxu-svM491rRkOLXHeQ-FWKPI44vKPyZ", "content": "", "creation_timestamp": "2025-02-20T23:26:56.000000Z"}, {"uuid": "bb6e76f2-428b-481e-9389-54bdf473dfc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51337", "type": "seen", "source": "Telegram/CUg_6iU6vCDPtyKJ8tYNk8BKE2Ho1Ch47Dzmxwlcyk3zZXiL", "content": "", "creation_timestamp": "2025-02-20T23:26:56.000000Z"}, {"uuid": "c884f11d-171c-497d-b02d-0bfe6ebea003", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51336", "type": "seen", "source": "Telegram/zK1ME74dN7CMjyh5hnZjvg6VqQjfGssK0LQCyCbfLFirTF_j", "content": "", "creation_timestamp": "2025-02-20T23:26:56.000000Z"}, {"uuid": "d2be2ffd-10f6-4147-9fd1-93306934a9a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5133", "type": "seen", "source": "https://t.me/cibsecurity/72364", "content": "\u203c CVE-2023-5133 \u203c\n\nThis user-activity-log-pro WordPress plugin before 2.3.4 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-17T00:38:12.000000Z"}]}