PT-2025-7308 · Phpjabbers · Phpjabbers Cleaning Business

Published: 2025-02-20 · Updated: 2025-02-20 · CVE-2023-51326

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

PHPJabbers Cleaning Business Software version 1.0

Description

A lack of rate limiting in the 'Forgot Password' feature allows attackers to trigger an excessive number of e-mails to a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages.

Recommendations

For PHPJabbers Cleaning Business Software version 1.0, consider implementing rate limiting in the 'Forgot Password' feature to prevent excessive e-mail sending. As a temporary workaround, consider disabling the 'Forgot Password' feature until a patch is available. Restrict access to the 'Forgot Password' feature to minimize the risk of exploitation.

Exploit

Fix

DoS

Authentication Bypass by Spoofing

Weakness Enumeration

Related Identifiers

CVE-2023-51326

Affected Products

Phpjabbers Cleaning Business