CVE-2023-51313

Name of the Vulnerable Software and Affected Versions PHPJabbers Restaurant Booking System version 3.0

Description The issue is related to a CSV Injection vulnerability that allows an attacker to execute remote code. This vulnerability exists due to insufficient input validation on the Languages section Labels any parameters field in System Options, which is used to construct a CSV file.

Recommendations For PHPJabbers Restaurant Booking System version 3.0, consider disabling the functionality that constructs CSV files from user-inputted data in the System Options until a patch is available. Restrict access to the Languages section Labels any parameters field to minimize the risk of exploitation. Avoid using the parameters related to the CSV file construction in the affected System Options until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.