GCVE - cpe:2.3:a:phpjabbers:class_scheduling

Approved changes feed: RSS · Atom

cpe:2.3:a:phpjabbers:class_scheduling_system:1.0:*:*:*:*:*:*:*

part: a version: 1.0 update: *

Vendor	Phpjabbers (`2f919538-31c8-5cbb-b18c-c6079deaeb0d`)
Product	Class Scheduling System (`f5d17436-73d9-52ea-880f-e1a3eb9f66f3`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-36137`	vulnerable	2026-06-03 14:52:19.655657	Details available There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Class Scheduling System 1.0. Published: 2023-08-03T00:00:00.000Z Updated: 2024-10-17T17:59:55.620Z Open on db.gcve.eu Reference links https://www.phpjabbers.com/class-scheduling-system https://medium.com/%40bcksec/multiple-vulnerabilities-in-php-jabbers-scripts-25af4afcadd4	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-36136`	vulnerable	2026-06-03 14:52:19.655349	Details available PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user account (update user page) allowing an attacker to capture all user names and passwords in clear text. Published: 2023-08-08T00:00:00.000Z Updated: 2024-10-10T19:05:14.082Z Open on db.gcve.eu Reference links https://www.phpjabbers.com/class-scheduling-system https://medium.com/%40blakehodder/additional-vulnerabilities-in-php-jabbers-scripts-c6bbd89b24bb	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-36135`	vulnerable	2026-06-03 14:52:19.655028	Details available User enumeration is found in in PHPJabbers Class Scheduling System v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users. Published: 2023-08-03T00:00:00.000Z Updated: 2024-10-17T18:00:19.807Z Open on db.gcve.eu Reference links https://www.phpjabbers.com/class-scheduling-system https://medium.com/%40bcksec/multiple-vulnerabilities-in-php-jabbers-scripts-25af4afcadd4	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-36134`	vulnerable	2026-06-03 14:52:19.654629	Details available In PHP Jabbers Class Scheduling System 1.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts. Published: 2023-08-03T00:00:00.000Z Updated: 2024-10-17T18:00:50.519Z Open on db.gcve.eu Reference links https://www.phpjabbers.com/class-scheduling-system https://medium.com/%40bcksec/multiple-vulnerabilities-in-php-jabbers-scripts-25af4afcadd4	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

PHPJabbers Class Scheduling System 1.0

PURL mappings

Vulnerability references

Contribute