Email Settings Feature Vulnerability in PHPJabbers Car Park Booking System
CVE-2023-51310

4.3MEDIUM

Key Information:

Vendor: PHPJabbers
Status: Car Park Booking System
Vendor: CVE Published:; 20 February 2025

What is CVE-2023-51310?

The Car Park Booking System by PHPJabbers is prone to a vulnerability in its 'Forgot Password' and 'Email Settings' features. This flaw allows an attacker to exploit the absence of rate limiting, permitting them to send a significant number of emails on behalf of a legitimate user. The outcome can lead to a Denial of Service condition, overwhelming email resources and potentially disrupting normal service operations. It is crucial for affected users to implement immediate corrective measures to mitigate this risk.

References

https://www.phpjabbers.com/car-park-booking/#sectionDemo

https://packetstorm.news/files/id/176492

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 20, 2025
Vulnerability Reserved
Dec 18, 2023