Denial of Service Vulnerability in PHPJabbers Restaurant Booking System
CVE-2023-51314

7.5HIGH

Key Information:

Vendor
PHPJabbers
Status
Restaurant Booking System
Vendor
CVE Published:
20 February 2025

Summary

The PHPJabbers Restaurant Booking System v3.0 is vulnerable due to insufficient rate limiting in its 'Forgot Password' and 'Email Settings' features. This flaw allows attackers to exploit the system by sending an overwhelming number of emails on behalf of legitimate users. Such an attack can lead to a Denial of Service (DoS), overwhelming the email server and disrupting the normal operations of the system.

References

https://www.phpjabbers.com/restaurant-booking-system/#sec...
https://packetstorm.news/files/id/176496

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.