Denial of Service Vulnerability in PHPJabbers Car Park Booking System
CVE-2023-51309

4.3MEDIUM

Key Information:

Vendor: PHPJabbers
Status: Car Park Booking System
Vendor: CVE Published:; 20 February 2025

Summary

The 'Email Settings' feature in PHPJabbers Car Park Booking System version 3.0 is flawed due to a lack of rate limiting. This vulnerability allows attackers to exploit the system by sending an excessive number of emails on behalf of legitimate users. The result can lead to a Denial of Service (DoS), as the volume of generated emails overwhelms the user's email service, potentially disrupting operations and causing significant inconvenience.

References

https://www.phpjabbers.com/car-park-booking/#sectionDemo

https://packetstorm.news/files/id/176492

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 20, 2025
Vulnerability Reserved
Dec 18, 2023