Yacht Listing Script
Vulnerabilities
3
Known exploited
0
Max CVSS
9.8
Top EPSS
0.00974
Severity breakdown
Critical
1
High
1
Medium
1
Low
0
Also matched as (raw): yacht_listing_script
Top vulnerabilities
CVE-2023-40761User enumeration is found in PHPJabbers Yacht Listing Script v2.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
CVE-2023-38830An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients' credit card numbers from the Reservations module.
CVE-2023-40750There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Yacht Listing Script v1.0.