PT-2025-7293 · Phpjabbers · Phpjabbers Car Park Booking System
Published
2025-02-20
·
Updated
2025-06-05
·
CVE-2023-51310
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
PHPJabbers Car Park Booking System version 3.0
Description
A lack of rate limiting in the 'Forgot Password' and 'Email Settings' features allows attackers to send an excessive amount of email to a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated email messages.
Recommendations
For PHPJabbers Car Park Booking System version 3.0, consider implementing rate limiting in the 'Forgot Password' and 'Email Settings' features to prevent excessive email sending. As a temporary workaround, restrict access to these features to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
DoS
Allocation of Resources Without Limits
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Phpjabbers Car Park Booking System