CVE-2023-40754

Name of the Vulnerable Software and Affected Versions PHPJabbers Car Rental Script version 3.0

Description The issue allows remote attackers to take over accounts due to a lack of verification when changing an email address and/or password on the Profile Page.

Recommendations For PHPJabbers Car Rental Script version 3.0, consider temporarily disabling the account modification feature on the Profile Page until a patch is available. Restrict access to the Profile Page to minimize the risk of exploitation. Avoid using the email address and password change functionality until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.