PHPJabbers Make An Offer Widget 1.0

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:phpjabbers:make_an_offer_widget:1.0:*:*:*:*:*:*:*

part: a version: 1.0 update: *

VendorPhpjabbers (2f919538-31c8-5cbb-b18c-c6079deaeb0d)
ProductMake An Offer Widget (58fc958b-7662-5f96-bf72-4a7b3aefc07e)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-40767 vulnerable 2026-06-03 14:52:50.637518 Details available
User enumeration is found in in PHPJabbers Make an Offer Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
Published: 2023-08-28T00:00:00.000Z
Updated: 2024-10-02T15:31:13.361Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-40752 vulnerable 2026-06-03 14:52:50.622335 Details available
There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Make an Offer Widget v1.0.
Published: 2023-08-28T00:00:00.000Z
Updated: 2024-10-02T15:53:50.302Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.