User Enumeration Vulnerability in PHPJabbers Class Scheduling System
CVE-2023-36135

7.5HIGH

Key Information:

Vendor: PHPjabbers
Status: Class Scheduling System
Vendor: CVE Published:; 4 August 2023

What is CVE-2023-36135?

The PHPJabbers Class Scheduling System v1.0 contains a vulnerability that allows for user enumeration through its password recovery feature. Attackers can exploit this issue by analyzing the different responses returned when attempting to recover passwords. If the system indicates whether a username exists or not based on its messaging, it may lead to the identification of valid users. This exploit enables the possibility for subsequent brute force attacks against valid accounts, posing a significant risk if not addressed.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.phpjabbers.com/class-scheduling-system

https://medium.com/%40bcksec/multiple-vulnerabilities-in-...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 4, 2023
Vulnerability Reserved
Jun 21, 2023

JSON

PHPjabbers

What is CVE-2023-36135?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.