CVE-2023-51324

Name of the Vulnerable Software and Affected Versions PHPJabbers Shared Asset Booking System version 1.0

Description The issue is related to a CSV injection vulnerability that allows an attacker to execute remote code. This vulnerability exists due to insufficient input validation in the Languages section Labels any parameters field in System Options, which is used to construct the CSV file.

Recommendations For PHPJabbers Shared Asset Booking System version 1.0, consider disabling the functionality that allows user input in the Languages section Labels any parameters field in System Options until a patch is available. Restrict access to the System Options to minimize the risk of exploitation. Avoid using the parameters field in the affected section until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.