CSV Injection Vulnerability in PHPJabbers Night Club Booking Software
CVE-2023-51320

5.3MEDIUM

Key Information:

Vendor: PHPJabbers
Status: Night Club Booking Software
Vendor: CVE Published:; 20 February 2025

What is CVE-2023-51320?

The PHPJabbers Night Club Booking Software version 1.0 has a CSV Injection vulnerability stemming from inadequate input validation in the parameters used to construct CSV files. This flaw allows attackers to manipulate the language-specific fields within the software's settings, potentially enabling them to execute remote code. Proper validation and sanitization of user inputs are essential to mitigate this risk and protect sensitive data from exploitation.

References

https://www.phpjabbers.com/night-club-booking-software/#s...

https://packetstorm.news/files/id/176501

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 20, 2025
Vulnerability Reserved
Dec 18, 2023